[GENESIS] – Ransomware Victim: Lows Orkney

AI Generated Summary of the Ransomware Leak Page

On 11 November 2025, Lows Orkney, a legal and accounting provider based in Orkney, United Kingdom, is listed as a ransomware victim on a public leak page. The entry describes Lows Orkney as offering property, legal, and accounting services and notes estimated annual revenue of around $4 million. The post does not provide a separate compromise date; the date shown is the post date. The leak page highlights a downloadable archive described as “List of Company Files,” and it includes a single download link, implying data exfiltration and potential public release of internal documents. The page references the victim’s site, but any URL is defanged. There are no screenshots or images on the leak page.

From a threat intelligence perspective, the page appears to indicate a data-leak scenario rather than an encryption-only event, given the emphasis on a downloadable file containing internal documents. The presence of a single file could reflect targeted exfiltration of documents rather than a broad system-wide wipe. The available metadata notes one download item and no accompanying screenshots or images, and there is no ransom amount or demand documented. The attachment is described as a RAR archive containing the “List of Company Files,” and the defanged context of the referenced site suggests caution when handling any released material. For professional services firms in the United Kingdom, this underscores the ongoing risk to client data and internal records from ransomware-related data leaks.