[COINBASECARTEL] – Ransomware Victim: Propertyfinder / PropSpace CRM

AI Generated Summary of the Ransomware Leak Page

On 2025-11-10 00:21:53.229557, a leak post attributed to the group coinbasecartel targets Propertyfinder / PropSpace CRM, a technology-sector organization based in the United Arab Emirates. The page presents itself as a data-leak announcement connected to a ransomware intrusion and claims that the attackers have exfiltrated more than 2 TB of data from the victim’s environment. The data described includes the full Propertyfinder leads database (over 10 million records), the full property listings database, and all PropSpace CRM client data. The post notes the existence of a claim URL as evidence, but does not disclose any ransom amount in the excerpt. The leak page contains no screenshots or images, per metadata indicating zero images.

The post identifies Propertyfinder / PropSpace CRM as the victim, with the incident framed as a data-leak rather than an encryption event. The scope of data referenced suggests potential exposure of customer leads, property listings, and CRM client information, carrying privacy and business implications for a technology firm operating in real estate data services. There is no explicit compromise date provided beyond the post date, which should be treated as the publication date; no ransom figure is disclosed. The page includes a claim URL but presents no media assets (images_count is 0). This illustrates a ransomware-related data-leak scenario where attackers publicize substantial exfiltrated data while withholding or delaying a monetary demand, relying on the threat of broader data release.