[DRAGONFORCE] – Ransomware Victim: SAIGON INDUSTRIAL SERVICE

AI Generated Summary of the Ransomware Leak Page

On November 5, 2025, a leak post on SAIGON INDUSTRIAL SERVICE’s data-leak page asserts that the Vietnam-based manufacturing firm has been compromised in a data-leak incident. The page describes SAIGON INDUSTRIAL SERVICE as a supplier, installer, processor, and maintainer of valves, pumps, and other equipment used in the oil and gas and electricity sectors, with more than ten years of experience serving domestic and international clients. The post frames the event as a data-exfiltration incident, indicating that sensitive internal information has been stolen and may be released publicly. No explicit compromise date is listed; therefore, the post date is used as the reference date for the incident. The page notes that a claim URL is present and that there are 24 attached images, described only in general terms as screenshots or internal documents related to the company’s operations, with no detailed contents provided. No ransom amount is stated in the available data.

The leak page also indicates that SAIGON INDUSTRIAL SERVICE operates in Vietnam (VN) and maintains a description of its business activities. There are no downloadable files indicated (downloads_present is false) and no external links beyond the attached images (link_count is 0). The presence of 24 image attachments suggests substantial material was exposed, though the exact contents of the images are not described in the summary. The victim’s name is preserved as SAIGON INDUSTRIAL SERVICE, and there is no explicit compromise date beyond the post date; no ransom figure is disclosed in the data. Overall, the post presents a data-leak scenario with multiple visual attachments but without detailing the specific data types or any monetary demand.