Ransomware Group: GLOBAL

VICTIM NAME: Geomaticks Grecia

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the GLOBAL Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Geomaticks Grecia, a Greek company specializing in geoinformation technologies with over two decades of experience. The attack was publicly disclosed on July 26, 2025, indicating that the breach occurred around the same date. The company provides services such as aerial surveying, photogrammetric mapping, cadastral surveying, orthophotomaps, LiDAR, GIS, and geographic data services, primarily serving Greece and the larger Balkan, Middle Eastern, and North African regions. The leak page does not specify the extent of data compromised or the nature of the ransomware involved. The page includes visual content such as screenshots, which likely depict internal documents or notice screens related to the attack. No direct download links or evidence of data leaks are explicitly indicated on the page, but the nature of the leak suggests potential exposure of sensitive geographic and client data. This incident underscores the importance of cybersecurity measures for companies handling critical geospatial information in regions of strategic importance.

The attack date is noted as July 26, 2025, with the breach publicly announced shortly thereafter. The company’s activity in geospatial data services and its regional focus highlight the potential impact of such an incident on infrastructure planning, environmental management, and regional development projects within Greece and neighboring territories. The leak page’s content has been sanitized to omit any personally identifiable or highly sensitive information, focusing instead on general details about the incident. Although no explicit details of the data lost are available, the presence of screenshots suggests that internal or confidential information may have been compromised or at least targeted for disclosure by the threat actors. This case emphasizes the ongoing threat landscape faced by organizations dealing with critical infrastructure data in geopolitically sensitive regions.