Ransomware Group: SAFEPAY

VICTIM NAME: azpiaran[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware attack targeted the website of azpiaran.com, a family-owned enterprise based in Poland specializing in high-quality Spanish and Polish meat products. The attack was publicly disclosed on May 15, 2025, with the breach discovered shortly thereafter. The leak suggests that sensitive information or data related to the company’s operations may have been compromised, although specific details of the data stolen have not been publicly revealed. The threat group responsible appears to be associated with the “safepay” group, indicating potential financial motives behind the attack. The compromised website includes a screenshot of an internal page, which may hint at the nature of the leak, but does not disclose explicit details. The attack raises concerns about the security of the company’s internal systems and its data integrity, emphasizing the importance of cybersecurity measures for organizations involved in the food production sector.

Additional indicators point to a possible infostealer operation, although no employees, third parties, or user data are explicitly listed as affected. The attack appears to have been conducted with malicious intent to extract confidential information, potentially for ransom or data resale. The publicly available claim URL and hacking group association suggest ongoing threat activity that could impact the company’s reputation and operational stability. The website’s screenshot indicates there may be visual evidence or internal documents accessible to threat actors. Overall, this incident underscores the growing cybersecurity challenges faced by companies in the food and manufacturing industries, highlighting the need for robust defense strategies against targeted cyberattacks.