Ransomware Group: EVEREST

VICTIM NAME: BRIJU[.]PL

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

BRIJU[.]PL appears as a victim on a ransomware leak page dated 14 August 2025 (the post date, as no compromise date is provided in the data). The victim is described in the page content as a Polish jewelry producer and distributor, focused on silver and gold pieces such as rings, necklaces, bracelets, earrings, and pendants, with sales conducted online and through a network of stores across Poland. The leak page is associated with the Everest group in its metadata and includes a claim URL. The available information does not explicitly state whether the attackers encrypted systems or simply exfiltrated data, and no ransom figure is documented in the dataset. The page also includes 11 image attachments, generally characterized as screenshots of internal materials used to illustrate the leaked content. The visible body excerpt on the page lists only the victim’s name, BRIJU[.]PL, with no additional identifying details shown.

Additional context from the leak page reinforces that BRIJU[.]PL is a Polish jewelry producer and distributor of silver and gold items, with a product range that includes rings, necklaces, bracelets, earrings, and pendants, sold online and through stores across Poland. The presence of a claim URL and multiple image attachments aligns with common ransomware-leak postings that accompany a data-compromise narrative. Since the dataset does not provide a separate compromise date, the 14 August 2025 post date should be treated as the publication date of this entry. There is no explicit ransom amount in the visible data, and there are no other external links described beyond the claim URL.