Ransomware Group intelligence
0apt
InactiveTrack 0apt with 190 published victims and 1 known leak locations in a single intelligence view.
Overview
0apt is tracked by Breach House as a ransomware group with 190 published victims.
United States is currently the most targeted country in this dataset.
1 known leak locations are currently associated with this group.
Top Countries
Interactive distribution based on the currently visible victims list.
Known Leak Locations (1)
| Label | Type | Availability | Links |
|---|---|---|---|
| Leak location 1 | Onion service | Unknown | oaptxiyisljt2kv3we2we34kuudmqda7f2geffoylzpeo7ourhtz4dad.onion |
Top Activity Sectors
No sector intelligence available.
Ransom Notes (0)
▼No ransom notes available for this group.
Tools Used
▼No tools used available.
YARA Rules (0)
▼No YARA rules available.
Indicators of Compromise (0)
▼No IoCs available for this group.
Negotiation Chats (0)
▼No negotiation chats available.
Research Sources
No external research sources linked yet.
Victims (190)
Search, filter and paginate the victim timeline for 0apt. Showing 1–100 of 190.
| Type | Target | Discovered | Country | Business Category | Intel Link |
|---|---|---|---|---|---|
| Ransomware | HCA Healthcare UK (Private Division) id26205 View details | United Kingdom | Healthcare / Pharma | — | |
|
HCA Healthcare UK is a private healthcare provider in the United Kingdom, operating hospitals, outpatient facilities, and medical centres. Its services span consultation through treatment, and public listings describe offerings across areas such as oncology, fertility, surgery, orthopaedics, gastroenterology, primary care, and diagnostic or supportive services. The organization is registered in England and Wales as HCA International Limited and serves patients through private-sector teams across the UK. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Vestas Wind Systems (Denmark) id26204 View details | Denmark | Energy | — | |
|
Vestas Wind Systems A/S is a Danish energy company headquartered in Denmark and focused on wind power technology. It designs, manufactures, installs, sells, and services wind turbines and related renewable energy solutions. The company is widely known for supporting utility-scale wind projects and turbine operations across international markets. In threat-intelligence catalogs, Vestas Wind Systems (Denmark) is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Edwards Lifesciences (USA) id26203 View details | United States | Healthcare / Pharma | — | |
|
Edwards Lifesciences is a US-based medical technology company headquartered in Irvine, California, and is known for structural heart innovation and patient-focused cardiovascular solutions. The company develops and supplies technologies used in heart disease treatment and critical care monitoring, serving the healthcare and pharma ecosystem. Its global operations reflect a broad commercial and manufacturing footprint across multiple regions. In threat-intelligence catalogs, Edwards Lifesciences (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Keysight Technologies (USA) id26202 View details | United States | IT | — | |
|
Keysight Technologies, Inc. is a U.S.-based technology company headquartered in Santa Rosa, California, and operates in the IT and electronics measurement space. It provides electronic design and test solutions that support simulation, prototype validation, manufacturing test, and secure operation across communications, networking, and electronics industries. The company serves enterprises, service providers, and governments with tools and software used to accelerate product development and deployment. Keysight Technologies (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Hologic, Inc. (USA) id26201 View details | United States | Healthcare / Pharma | — | |
|
Hologic, Inc. is a U.S.-based medical technology company headquartered in Marlborough, Massachusetts. It develops and supplies diagnostic products, medical imaging systems, and surgical products, with a strong focus on women’s health and healthcare solutions. Its portfolio includes technologies used in breast health, gynecologic care, diagnostics, and bone density assessment. In threat-intelligence records, Hologic, Inc. was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Galderma Pharma (Switzerland) id26200 View details | Switzerland | Healthcare / Pharma | — | |
|
Galderma Pharma is a Swiss healthcare and pharmaceutical company based in Zug, Switzerland, and operates in dermatology-focused skin care and treatment markets. It offers a science-based portfolio of clinically proven products and is described as a leading independent global dermatology company. In cataloging and threat-intelligence contexts, the company is associated with Switzerland's healthcare and pharma sector. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Sysmex Corporation (Japan) id26199 View details | Japan | Services | — | |
|
Sysmex Corporation is a Japan-based company headquartered in Kobe, Hyogo, and operates in the healthcare diagnostics sector. It develops, manufactures, sells, and exports/imports diagnostic instruments, reagents, and related software, with a global footprint in more than 190 countries. The company’s portfolio includes in vitro diagnostics and service support for clinical laboratories and healthcare organizations. Sysmex Corporation, Japan, was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Align Technology (USA) id26198 View details | United States | IT | — | |
|
Align Technology is a U.S.-based medical device company headquartered in Tempe, Arizona, with operations and locations in the United States and abroad. It designs, manufactures, and markets orthodontic, restorative, and aesthetic dentistry products, including the Invisalign clear aligner system and iTero intraoral scanners. The company serves dental and orthodontic care markets through technology-driven treatment and scanning solutions. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Snap-on Incorporated (USA) id26197 View details | United States | Finance / Legal / Insurance | — | |
|
Snap-on Incorporated is a U.S.-based manufacturer and marketer headquartered in Kenosha, Wisconsin, known for tools, equipment, diagnostics, repair information, and systems solutions for professional users. Its offerings include hand and power tools, shop equipment, automotive diagnostics, and related productivity solutions used across vehicle repair and other technical industries. The company operates as a global industrial and professional services supplier rather than a financial institution, despite the listing sector label. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Varian Medical Systems (USA) id26196 View details | United States | Healthcare / Pharma | — | |
|
Varian Medical Systems is a U.S.-based healthcare technology company headquartered in Palo Alto, California, that designs, manufactures, sells, and services medical equipment and software. Its portfolio includes cancer treatment systems and oncology software used for radiotherapy, radiosurgery, proton therapy, brachytherapy, and related clinical workflows. The company serves healthcare customers globally and is part of the cancer care and medical devices ecosystem. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Bruker BioSpin (Germany) id26195 View details | Germany | Healthcare / Pharma | — | |
|
Bruker BioSpin GmbH is a German company located in Ettlingen, Baden-Württemberg, that develops, manufactures, and markets instruments based on magnetic resonance technology. The firm specializes in nuclear magnetic resonance (NMR), electron paramagnetic resonance (EPR), and preclinical imaging tools for molecular and materials research. It serves the healthcare and pharmaceutical sectors by enabling breakthrough discoveries and advanced analysis through its high-value life science solutions. Bruker BioSpin is part of Bruker Corporation, an American parent company headquartered in Billerica, Massachusetts. The company was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Teledyne Technologies (USA) id26194 View details | United States | IT | — | |
|
Teledyne Technologies is a U.S.-based technology company headquartered in Thousand Oaks, California, with operations spanning electronic components, instruments, communications products, and related systems. Its offerings include data acquisition and communications equipment, monitoring and control instruments, and subsystems for wireless and satellite communications. The company also provides systems engineering and information technology services for defense, industrial, and space applications. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Terumo Corporation (Japan) id26193 View details | Japan | Communication / Marketing | — | |
|
Terumo Corporation is a Tokyo, Japan-based medical technology company founded in 1921 that manufactures and sells medical products and equipment. Its business spans healthcare areas including cardiovascular systems, medical care solutions, and blood and cell technologies, with operations in Japan and other global markets. The company’s portfolio includes devices and solutions used in cardiac surgery, hospital care, and blood processing. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Xylem Inc. (USA) id26192 View details | United States | Construction / Real Estate | — | |
|
Xylem Inc. is a U.S.-based water technology company headquartered in Washington, DC, that designs, manufactures, and services solutions for public utility, industrial, commercial, agricultural, and residential water applications. It serves customers in more than 150 countries and focuses on the delivery, treatment, testing, analysis, and reuse of water and wastewater systems. The company’s portfolio includes pumps, filtration, disinfection, and other infrastructure products used across the water cycle. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | BioMérieux (France) id26191 View details | France | Other | — | |
|
BioMérieux is a French company headquartered in Marcy-l’Étoile, near Lyon, that develops, manufactures, and markets in vitro diagnostics. Its portfolio supports the detection of infectious diseases, microbiology testing, and contamination analysis for healthcare and industrial settings. Founded in 1963, the company describes itself as a world leader in in vitro diagnostics and operates internationally through a broad network of sites and subsidiaries. The listing identifies BioMérieux (France) as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Ingersoll Rand (USA) id26190 View details | United States | Manufacturing / Engineering | — | |
|
Ingersoll Rand (USA) is an American multinational company headquartered in Davidson, North Carolina, that operates in the Industrial Machinery Manufacturing sector. The company provides industrial products including compressors, blowers, vacuum pumps, and precision handling solutions for liquids, gases, and power applications. Its offerings span two main segments: Industrial Technologies and Services, and Precision and Science Technologies, serving diverse industrial and life science markets. Ingersoll Rand was listed as a ransomware victim associated with the threat actor 0apt, marking its inclusion in threat-intelligence records regarding cyber incidents in the manufacturing sector. |
|||||
| Ransomware | Masimo (USA) id26189 View details | United States | Healthcare / Pharma | — | |
|
Masimo is a U.S.-based medical technology company headquartered in Irvine, California. It develops and markets patient monitoring technologies and connectivity solutions for hospitals, emergency medical services, home care providers, physicians’ offices, long-term care facilities, and consumers. The company operates healthcare and non-healthcare segments, with its healthcare business centered on sensors, software, cables, and monitors used in clinical care. In threat-intelligence listings, Masimo was identified as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Halma plc (UK) id26188 View details | United Kingdom | IT | — | |
|
Halma plc is a United Kingdom-based public limited company headquartered in Amersham, Buckinghamshire. It is a global group of around 50 specialist technology businesses that provide life-saving technologies and solutions to major challenges, spanning software and hardware offerings. Its portfolio is organized around niche markets with global reach and a focus on safer, cleaner, healthier outcomes. The company was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | PerkinElmer (USA) id26187 View details | United States | Other | — | |
|
PerkinElmer is a US-based science and technology company headquartered in Shelton, Connecticut, with additional offices in the United States. It provides end-to-end discovery, measurement, and testing solutions, along with specialized pharma services manufacturing workflows, serving scientific and laboratory customers. The company also describes itself as a provider of analytics services and solutions for biopharma, food, environmental, safety, and applied end markets. In threat-intelligence indexing, PerkinElmer (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Zebra Technologies (USA) id26186 View details | United States | IT | — | |
|
Zebra Technologies is a US-based technology company headquartered in Lincolnshire, Illinois, that provides intelligent operations solutions for frontline workflows. Its portfolio includes mobile computers, barcode scanners, printers, RFID readers, and related software used across retail, healthcare, manufacturing, transportation and logistics. The company is known for automatic identification and data capture products that help organizations digitize and automate operations. In threat-intelligence indexing, Zebra Technologies (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Andritz Group (Austria) id26185 View details | Austria | Manufacturing / Engineering | — | |
|
Andritz AG is an international technology group headquartered in Graz, Austria, offering plants, equipment, systems, and services for diverse industries including hydropower, pulp and paper, metals, and environment and energy. The company employs over 29,100 people across more than 280 production and service facilities in over 40 countries, reporting EUR€7.5 billion in revenue in 2022. Since January 2024, its business activities are organized into four independent areas: Andritz Hydro Power, Andritz Pulp & Paper, Andritz Environment & Energy, and Andritz Metals. Andritz Group was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Prince Court Medical (Malaysia) id26184 View details | Malaysia | Healthcare / Pharma | — | |
|
Prince Court Medical Centre is a private tertiary hospital in Kuala Lumpur, Malaysia, serving patients with specialist care, surgery, outpatient services, emergency treatment, and health screening. It operates in the healthcare sector and is part of IHH Healthcare’s hospital network, with published service information including 24-hour emergency care and multiple licensed operating theatres. The hospital describes itself as a premier medical centre in Kuala Lumpur, offering broad clinical specialties and patient-focused care. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Hexagon AB (Sweden) id26183 View details | Sweden | Other | — | |
|
Hexagon AB is a Stockholm, Sweden-based industrial technology group that provides sensors, software and autonomous solutions. The company serves industries including manufacturing, infrastructure, safety, mobility and related enterprise applications through its measurement, geospatial and automation offerings. Its business profile emphasizes data-driven tools that support precision, productivity and operational efficiency across industrial environments. Hexagon AB was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Al-Futtaim Conglomerate (UAE) id26182 View details | United Arab Emirates | Manufacturing / Engineering | — | |
|
Al-Futtaim Conglomerate (UAE), also known as Al-Futtaim Group, is an Emirati conglomerate headquartered in Dubai, United Arab Emirates. The organization operates a multi-disciplinary engineering division, Al-Futtaim Engineering, which provides expert solutions across the UAE, Saudi Arabia, Qatar, and Egypt. It delivers a complete range of facilities and asset management services, including electrical and mechanical workshop solutions, supply and installation of motors, pumps, generators, and compressors. The conglomerate serves a large portfolio of key clients and meets the highest industry standards, complying with ISO 9001: 2008 guidelines. Al-Futtaim Conglomerate (UAE) was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Sandvik Coromant (Sweden) id26181 View details | Sweden | Manufacturing / Engineering | — | |
|
Sandvik Coromant is a Sweden-based industrial engineering company focused on manufacturing tools, machining solutions, and metal-cutting systems for advanced manufacturing customers. Part of the Sandvik group, it supplies tooling solutions and related services to engineering industries worldwide, with operations in Sandviken, Sweden. Its portfolio includes tooling systems, digital manufacturing, and engineering support for metal-cutting applications. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Teleflex (USA) id26180 View details | United States | Healthcare / Pharma | — | |
|
Teleflex Incorporated is a U.S.-based global medical technology company headquartered in Wayne, Pennsylvania, serving hospitals and healthcare providers. It designs, manufactures, and supplies single-use medical devices and specialty products for critical care, surgical care, anesthesia, vascular access, respiratory care, urology, and emergency medicine. The company operates internationally and markets its portfolio across more than 150 countries. In threat-intelligence catalogs, Teleflex (USA) is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | ResMed (USA) id26179 View details | United States | Healthcare / Pharma | — | |
|
ResMed is a U.S.-based healthcare technology company focused on sleep health, respiratory care, and digital health solutions. Its offerings include cloud-connected medical devices, software, and related therapies for conditions such as sleep apnea and COPD. The company describes itself as a global leader in sleep technology and connected health, serving patients with chronic respiratory and sleep-related needs. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Epworth Private Healthcare (Australia) id26178 View details | Australia | Healthcare / Pharma | — | |
|
Epworth HealthCare is a not-for-profit private hospital group in Melbourne, Victoria, Australia, providing acute medical, surgical, and rehabilitation services. It is Victoria’s largest private hospital group and operates multiple sites across Melbourne and Geelong, with services spanning inpatient care and rehabilitation. In threat-intelligence catalogs, Epworth Private Healthcare (Australia) is indexed under the healthcare/pharma sector to support sector-based risk tracking and incident correlation. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Tetra Pak International (Switzerland) id26177 View details | Switzerland | Agriculture / Food | — | |
|
Tetra Pak International S.A. is a Swiss-headquartered food packaging and processing company based in Pully, Switzerland, that serves customers worldwide with carton packaging, filling systems, processing equipment, automation, and related services. Its offerings support dairy, beverages, plant-based products, and prepared foods across a broad industrial supply chain. The company operates internationally from Switzerland and is known for integrated food-production and packaging solutions. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Flowserve Corporation (USA) id26176 View details | United States | Energy | — | |
|
Flowserve Corporation is an American industrial company based in Irving, Texas, serving the energy sector and other heavy industries. It develops, manufactures, and services flow control equipment, including pumps, valves, seals, and automation systems used in essential infrastructure. The company also provides aftermarket support and related services to customers worldwide. In threat-intelligence records, Flowserve Corporation was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | GlaxoSmithKline (UK) id26175 View details | United Kingdom | Healthcare / Pharma | — | |
|
GlaxoSmithKline (UK) is the UK arm of GSK, a British biopharmaceutical company headquartered in London that develops and delivers medicines and vaccines. Its UK operations include research, commercial, and manufacturing activity, with investment in pharmaceutical production and R&D across the country. GSK’s portfolio spans areas such as respiratory, HIV, immunology, infectious diseases, oncology, and general medicines. In threat-intelligence catalogs, GlaxoSmithKline (UK) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Dormakaba (Switzerland) id26174 View details | Switzerland | Other | — | |
|
Dormakaba Switzerland AG is a Swiss access solutions company based in Wetzikon, Switzerland, and part of the dormakaba Group. It provides access management and door and access systems, including keys, cylinders, physical access systems, and related security solutions for buildings and rooms. The company presents itself as a provider of end-to-end access solutions and industry-proven products for secure access environments. In threat-intelligence catalogs, it was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Prysmian Group (Italy) id26173 View details | Italy | Communication / Marketing | — | |
|
Prysmian Group is an Italian multinational company headquartered in Milan, Italy, and listed on the Italian Stock Exchange. It develops and manufactures cable systems and network solutions for the power and telecommunications sectors, including underground and submarine cables for energy transmission and distribution. The group describes itself as a cable manufacturer and network solution provider serving infrastructure and communications markets. Prysmian Group (Italy) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Crane Co. (USA) id26172 View details | United States | Manufacturing / Engineering | — | |
|
Crane Co. is an American industrial products company headquartered in Stamford, Connecticut, with operations in the United States. It delivers engineered solutions for aerospace, defense, flow technologies, and other critical industries, including valves, fittings, specialty castings, and related manufacturing and engineering offerings. The company’s business profile places it within the Manufacturing / Engineering sector and reflects a long-standing industrial footprint. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Wärtsilä Marine Power (Finland) id26171 View details | Finland | Energy | — | |
|
Wärtsilä is a Finnish technology group based in Helsinki that develops and services power sources and other equipment for the marine and energy markets. Its marine business includes engines, propulsion systems, hybrid technology, and integrated lifecycle solutions for vessels and related operations. In Finland, the company also invests in expanding production capacity to support global demand in energy and marine technologies. Wärtsilä Marine Power (Finland) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Straumann Group (Switzerland) id26170 View details | Switzerland | Healthcare / Pharma | — | |
|
Straumann Group is a Swiss company based in Basel manufacturing dental implants and specialized in related technologies. The group researches, develops, manufactures and supplies dental implants, instruments, biomaterials, CADCAM prosthetics, digital equipment, software, and clear aligners for applications in replacement, restorative, orthodontic and preventative dentistry. Straumann is active in the business of replacement and restoration of teeth, and prevention of tooth loss, collaborating with clinics, research institutes and universities. The company was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | IDEX Corporation (USA) id26169 View details | United States | Communication / Marketing | — | |
|
IDEX Corporation is a U.S.-based applied solutions company headquartered in Northbrook, Illinois, with operations focused on engineered products for niche markets. Its businesses span fluid and metering technologies, health and science technologies, fire and safety systems, and other specialized industrial solutions. Company materials also describe marketing, business communication, and product promotion functions supporting its commercial operations. In threat-intelligence listings, IDEX Corporation was identified as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Mount Elizabeth Hospitals (Singapore) id26168 View details | Singapore | Healthcare / Pharma | — | |
|
Mount Elizabeth Hospitals is a 345-bed private hospital in Singapore operated by Parkway Pantai, specializing in cardiology, oncology, and neuroscience among other tertiary services. Located on Orchard Road near Mount Elizabeth, it is accredited by Joint Commission International and offers multi-organ transplant specialty care. The hospital operates two locations: Mount Elizabeth Orchard at 3 Mount Elizabeth and Mount Elizabeth Novena at 38 Irrawaddy Road, providing advanced healthcare with modern medical technology. Mount Elizabeth Hospitals was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Thermo Fisher Scientific (USA) id26167 View details | United States | IT | — | |
|
Thermo Fisher Scientific Inc. is the world leader in serving science, headquartered in Waltham, Massachusetts, USA, with annual revenue exceeding $45 billion. The company enables customers to make the world healthier, cleaner, and safer by delivering technology, pharmaceutical, and biotechnology solutions across life sciences. Operating in the IT sector, it provides critical tools and services for research, diagnostics, and industrial applications globally. Thermo Fisher Scientific was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Smith & Nephew (UK) id26166 View details | United Kingdom | Healthcare / Pharma | — | |
|
Smith & Nephew (UK) is a British multinational medical technology company headquartered in Watford, England, and registered in Hertfordshire. It develops and manufactures products for advanced wound management, orthopaedics, sports medicine, ENT, trauma, and related clinical therapies, serving healthcare providers in more than 100 countries. The company operates as a portfolio medtech business focused on the repair, regeneration, and replacement of soft and hard tissue. In this index, Smith & Nephew (UK) is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Kone Cranes International (Finland) id26165 View details | Finland | Manufacturing / Engineering | — | |
|
Kone Cranes International is part of Konecranes, a Finnish company headquartered in Hyvinkää, Finland, that specializes in the manufacture and service of cranes and lifting equipment. It serves manufacturing and process industries with material handling solutions, including industrial crane systems and related services. The company operates in Finland and internationally, with production and service functions supporting industrial customers. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Acuity Brands (USA) id26164 View details | United States | Construction / Real Estate | — | |
|
Acuity Brands is a U.S.-based industrial technology company headquartered in Atlanta, Georgia. It develops lighting and lighting-control products and related technologies for spaces, serving construction and real estate markets across North America and beyond. The company is widely known as a major lighting manufacturer and maintains a broad operational footprint. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Cleveland Clinic Abu Dhabi (UAE) id26163 View details | United Arab Emirates | Healthcare / Pharma | — | |
|
Cleveland Clinic Abu Dhabi is a physician-led medical institution located on Al Maryah Island in Abu Dhabi, UAE, serving patients with board-certified physicians and multidisciplinary teams. The hospital, which opened in May 2015 and has 364 beds, offers advanced care including the Gulf Region's first Laser Interstitial Thermal Therapy for epilepsy and the UAE's first multi-organ transplant center. It provides 24/7 emergency services, pharmacy, and laboratory access, recognized for inclusive healthcare for people of determination. Cleveland Clinic Abu Dhabi was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Bio-Rad Laboratories (USA) id26162 View details | United States | Healthcare / Pharma | — | |
|
Bio-Rad Laboratories, Inc. is a U.S.-based life science and clinical diagnostics company headquartered in Hercules, California, with operations in the United States and internationally. It develops, manufactures, and distributes products used by life science researchers, clinical laboratories, and healthcare organizations, supporting research and diagnostic workflows across the healthcare and pharmaceutical sectors. The company’s offerings are positioned around specialized technologies for research and clinical testing, reflecting its role in biomedical and diagnostics markets. Bio-Rad Laboratories (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Spectris plc (UK) id26161 View details | United Kingdom | Communication / Marketing | — | |
|
Spectris plc is a UK-based precision instrumentation and controls company headquartered in London, England, and it serves industrial customers with high-tech instruments, test equipment, and software. The business focuses on demanding applications where accurate measurement, control, and performance insight are critical, and it operates as a global technology group. Public company information and corporate materials describe Spectris as a market-leading provider of precision measurement solutions with a broad international footprint. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Integer Holdings (USA) id26160 View details | United States | Healthcare / Pharma | — | |
|
Integer Holdings Corporation is a U.S.-based medical device contract development and manufacturing organization (CDMO) with its corporate office in Plano, Texas. It operates as a leader in advanced medical device outsourcing and supports innovation and manufacturing across a broad network of U.S. and international locations. The company is one of the largest medical device CDMOs in the world, serving healthcare and pharma-related customers with outsourced development and production capabilities. Integer Holdings (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Rotork (UK) id26159 View details | United Kingdom | Energy | — | |
|
Rotork (UK) is a trusted global partner in the renewable energy industry, specializing in electric, pneumatic, and flow control solutions for wind, solar, hydroelectric, biomass, and geothermal applications. The company, headquartered in Bath, United Kingdom, operates across three end-market divisions: Oil & Gas, Water & Power, and Chemical, Process & Industrial. Rotork delivers advanced flow control systems that enhance the safety, reliability, and performance of industrial equipment and transportation systems. It was listed as a ransomware victim associated with the 0apt threat actor. |
|||||
| Ransomware | Cognex Corporation (USA) id26158 View details | United States | IT | — | |
|
Cognex Corporation is a U.S.-based technology company headquartered in Natick, Massachusetts, that develops machine vision systems, software, and sensors. Its products help industrial customers automate inspection, identification, assembly, and other manufacturing and logistics tasks. The company serves global customers across sectors including manufacturing, logistics, automotive, aerospace, consumer electronics, and pharmaceuticals. In threat-intelligence catalogs, Cognex Corporation was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Sonova Holding (Switzerland) id26157 View details | Switzerland | Communication / Marketing | — | |
|
Sonova Holding AG is a Swiss company headquartered in Stäfa, Switzerland, and is part of the global hearing care sector. It develops and markets hearing care solutions, including hearing aids, cochlear implants, wireless communication systems, personal audio devices, and related audiological care services. The Sonova Group describes itself as a vertically integrated provider across wholesale, retail, and cochlear implant activities. In a threat-intelligence context, Sonova Holding (Switzerland) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Watts Water Technologies (USA) id26156 View details | United States | IT | — | |
|
Watts Water Technologies, Inc. is a US-based manufacturer headquartered in North Andover, Massachusetts, with a global business focused on water-related solutions for residential, industrial, municipal, and commercial use. Its product portfolio includes plumbing and flow control, HVAC and hot water, drainage, backflow prevention, and water quality systems. The company describes itself as a global leader in water solutions and operates across multiple countries and facilities. In threat-intelligence indexing, it was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Getinge AB (Sweden) id26155 View details | Sweden | IT | — | |
|
Getinge AB is a leading medical technology company founded in 1904 in Getinge, Sweden, specializing in equipment, systems, operating rooms, and intensive-care units for healthcare and life science institutions. The company provides products and solutions aimed at improving clinical results and optimizing workflows for hospitals and life science organizations globally. Headquartered on the Swedish west coast, Getinge operates internationally with offices in multiple countries including the US, Italy, Spain, and China. As a prominent medtech firm, it stands behind critical moments in healthcare, trusted by surgeons and medical professionals worldwide. Getinge AB was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Mueller Industries (USA) id26154 View details | United States | Manufacturing / Engineering | — | |
|
Mueller Industries, Inc. is a US-based manufacturing and engineering company specializing in piping systems, climate control products, and industrial metals and components. The firm manufactures products for plumbing, HVAC, and refrigeration applications, serving global markets with premium-performance valves and brass fittings. Headquartered in the United States, Mueller Industries operates multiple facilities and employs professionals in roles such as manufacturing engineering and CNC machining. The company was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | ConvaTec Group (UK) id26153 View details | United Kingdom | Healthcare / Pharma | — | |
|
ConvaTec Group (UK), also known as Convatec Group plc, is a medical products and technologies company based in London, England, offering advanced wound care, ostomy care, continence care, and infusion care solutions to healthcare providers. The firm, headquartered at 20 Eastbourne Terrace in London, also manufactures catheters and drug delivery systems for the healthcare and pharma sector. ConvaTec Group (UK) serves patients and healthcare providers with pioneering trusted medical solutions to improve lives across the United Kingdom and globally. The company was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Spirax-Sarco Engineering (UK) id26152 View details | United Kingdom | Manufacturing / Engineering | — | |
|
Spirax-Sarco Engineering plc, now known as Spirax Group plc, is a British manufacturer headquartered in Cheltenham, England, specializing in steam management systems and peristaltic pumps. The company is the world's leading manufacturer of steam traps and a top producer of peristaltic pumps through its subsidiary Watson-Marlow. It offers a range of technologies for the efficient control and use of steam and industrial fluids, supporting sustainability and thermal energy optimization. Spirax-Sarco Engineering UK was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Bruker Corporation (USA) id26151 View details | United States | Communication / Marketing | — | |
|
Bruker Corporation is a U.S.-based company headquartered in Billerica, Massachusetts, and it develops, manufactures, and distributes scientific instruments and analytical and diagnostic solutions. Its portfolio supports molecular and materials research, life sciences, and industrial and applied analysis across research and commercial settings. Public company and directory sources describe Bruker as a leading analytical instrumentation manufacturer with business groups spanning multiple scientific disciplines. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Cochlear Limited (Australia) id26150 View details | Australia | Other | — | |
|
Cochlear Limited is an Australian-based medical device company that designs, manufactures, and supplies implantable hearing solutions, including the Nucleus cochlear implant and Baha bone conduction implant. Headquartered in Sydney, the company is the global leader in implantable hearing solutions and has helped over 700,000 people restore their hearing since its founding in 1981. Its products serve both pediatric and adult populations across more than 180 countries, focusing on innovation and research to treat moderate to profound hearing impairment. Cochlear Limited was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Ansell Limited (Australia) id26149 View details | Australia | Manufacturing / Engineering | — | |
|
Ansell Limited is an Australian company based in Richmond, Victoria, with operations in manufacturing and engineering-related safety markets. It produces and distributes personal protective equipment and other protective products for healthcare, industrial, and professional use. The company is known for gloves and broader workplace safety solutions, serving customers across multiple regions. In threat-intelligence indexing, Ansell Limited was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Elekta (Sweden) id26148 View details | Sweden | Healthcare / Pharma | — | |
|
Elekta is a Swedish medical technology company headquartered in Stockholm, Sweden. It develops and supplies radiotherapy, radiosurgery, and oncology software solutions used in cancer and brain disorder treatment. The company serves healthcare providers globally and is known for products such as linear accelerators, Gamma Knife systems, and treatment-planning software. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Dentsply Sirona (USA) id26147 View details | United States | Healthcare / Pharma | — | |
|
Dentsply Sirona is a U.S.-based dental products and technology company headquartered in Charlotte, North Carolina, with major operations in York, Pennsylvania. It is described as the world’s largest manufacturer of professional dental products and technologies, serving dental professionals with equipment, consumables, software, and practice solutions. Its portfolio supports dentistry across restorative, endodontic, imaging, and digital workflow applications, and it markets products in more than 120 countries. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Fortis International Clinics (UAE) id26146 View details | United Arab Emirates | Healthcare / Pharma | — | |
|
Fortis International Clinics in the UAE is part of the Fortis healthcare brand, which provides hospital and clinic-based medical services for patients in Dubai and other markets. Available descriptions of the Fortis network indicate a broad healthcare footprint with services ranging from specialist treatment to international-patient support and coordinated care. In the UAE context, its offerings are associated with outpatient and clinic-oriented medical services within the healthcare and pharma sector. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Bumrungrad Medical Center (Thailand) id26145 View details | Thailand | Healthcare / Pharma | — | |
|
Bumrungrad Medical Center is a healthcare provider in Thailand, based in Bangkok, and known for delivering multi-specialty medical services to local and international patients. Its offerings include comprehensive health screening, specialist treatment, and advanced clinical care across major disciplines such as cardiology, oncology, orthopedics, neurology, fertility, and other hospital services. The institution operates as a private hospital with a broad care model centered on diagnostics, treatment, and preventive medicine. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | SKF Group (Sweden) id26144 View details | Sweden | Manufacturing / Engineering | — | |
|
SKF Group is a Swedish industrial company headquartered in Gothenburg, Sweden, with roots dating back to 1907. It develops and supplies bearings, seals, lubrication systems, maintenance products, mechatronics, condition monitoring, and related engineering services for global industrial customers. The group focuses on engineering, maintenance, condition monitoring, and remanufacturing across a broad range of industries. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Amcor Packaging Global (Australia) id26143 View details | Australia | Services | — | |
|
Amcor Packaging Global (Australia) is an Australia-based packaging company in the services sector, operating as part of Amcor’s broader global packaging business. Amcor develops and produces flexible packaging, rigid containers, specialty cartons, closures, and related packaging services for food, beverage, pharmaceutical, medical-device, home, and personal-care markets. The company is based in Australia and operates within a large multinational packaging footprint spanning multiple countries. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Atlas Copco (Sweden) id26142 View details | Sweden | Manufacturing / Engineering | — | |
|
Atlas Copco is a Swedish multinational industrial company headquartered in Nacka, near Stockholm, Sweden. It develops and supplies compressors, vacuum solutions, air treatment systems, industrial tools, and related services for manufacturing and other industrial applications. The group serves customers across sectors such as industrial machinery, electronics, and process-driven production, with a strong focus on productivity and energy efficiency. In threat-intelligence catalogs, Atlas Copco (SE) is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Sandvik Mining and Rock (Sweden) id26141 View details | Sweden | Manufacturing / Engineering | — | |
|
Sandvik Mining and Rock Technology is a Swedish business unit of Sandvik, a global engineering group headquartered in Stockholm, Sweden. It supplies equipment, tools, service, and technical solutions for mining and rock excavation, including rock drilling, rock cutting, crushing, and related support products. The unit serves mining and construction operations with products designed to improve productivity, safety, and efficiency. In threat-intelligence indexing, Sandvik Mining and Rock (Sweden) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Fujitsu Industrial (Japan) id26140 View details | Japan | Manufacturing / Engineering | — | |
|
Fujitsu Industrial (Japan) is part of Fujitsu’s manufacturing and engineering operations in Japan, supporting industrial production and related technology services. Fujitsu’s Japan-based facilities and manufacturing initiatives include precision component production, factory engineering, and manufacturing DX support across the country. The company is associated with Japan’s manufacturing sector and reflects Fujitsu’s broader role in industrial systems, production engineering, and factory operations. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Fanuc Corporation (Japan) id26139 View details | Japan | Manufacturing / Engineering | — | |
|
FANUC Corporation is a Japanese industrial automation company headquartered in Oshino-mura, Yamanashi Prefecture, Japan. It develops and sells computer numerical control systems, industrial robots, and factory automation equipment for manufacturing operations. The company is widely known for robotics and CNC technologies used in precision production environments. In this threat-intelligence index, FANUC is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Freudenberg Technology Group (Germany) id26138 View details | Germany | IT | — | |
|
Freudenberg Technology Group is part of the Freudenberg Group, a global, family-owned technology and materials company headquartered in Weinheim, Germany. In Germany, Freudenberg operates across more than 100 locations and serves a range of industries through business groups spanning sealing technologies, filtration, performance materials, home and cleaning solutions, medical products, and related industrial offerings. The company describes itself as a technology group focused on developing solutions for customers and society through innovation. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | AdventHealth Group (USA) id26137 View details | United States | Healthcare / Pharma | — | |
|
AdventHealth Group is a US healthcare organization associated with AdventHealth’s multi-state care network, which provides primary care, specialty care, urgent care, imaging, rehabilitation, and home health services. AdventHealth describes itself as a leader in whole-person health care with locations across the country and a broad menu of physician and patient services. The group’s offerings are centered on prevention, chronic disease management, wellness, and coordinated clinical care for patients and families. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Legrand Building Infra (France) id26136 View details | France | Construction / Real Estate | — | |
|
Legrand Building Infra is a French specialist in electrical and digital building infrastructure, operating within the construction and real estate sector in France. The company provides products such as switches, sockets, circuit protection, power distribution, cable management, structured cabling, rack power units, uninterruptible power supplies, audiovisual infrastructure, door-entry systems, and connected controls for homes, offices, hospitals, and data centers. Its offerings are designed to sit inside buildings and data centers, supporting technological, societal, and environmental change. Legrand Building Infra was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Sika Construction Chemicals (Switzerland) id26135 View details | Switzerland | Manufacturing / Engineering | — | |
|
Sika Construction Chemicals (Switzerland), known as Sika AG, is a Swiss multinational specialty chemical company headquartered in Baar, CH, serving the building and motor vehicle industries. The company develops and produces systems and products for bonding, sealing, damping, reinforcing, and protecting in construction and automotive sectors. Its product lines include sealants, adhesives, admixtures, mortars, roofing, and waterproofing systems for construction and industrial manufacturing applications. Sika Construction Chemicals (Switzerland) was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Bupa Global Health (UK) id26134 View details | United Kingdom | Healthcare / Pharma | — | |
|
Bupa Global Health (UK) is part of Bupa’s premium international private healthcare and insurance business, serving customers from the United Kingdom and other markets. It provides international private medical insurance and access to global healthcare networks, including specialist care and treatment support abroad. Bupa Group also operates across clinics, digital health services, hospitals, dental centres, and aged care facilities, reflecting its wider healthcare footprint in GB and beyond. In threat-intelligence indexing, Bupa Global Health (UK) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Magna Automotive Systems (Canada) id26133 View details | Canada | Manufacturing / Engineering | — | |
|
Magna Automotive Systems (Canada) is part of Magna International, a Canadian automotive supplier headquartered in Aurora, Ontario, with manufacturing, engineering, and sales operations in Canada and abroad. The company develops and manufactures automotive systems, assemblies, modules, and components, and provides complete vehicle engineering and contract manufacturing services for global vehicle makers. Its product portfolio includes body exteriors and structures, power and vision technologies, seating systems, and related mobility systems. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Mediclinic Middle East (UAE) id26132 View details | United Arab Emirates | Healthcare / Pharma | — | |
|
Mediclinic Middle East is a leading private healthcare provider in the United Arab Emirates, with most of its operations in Dubai and Abu Dhabi, including Al Ain. It operates hospitals and clinics that deliver acute, specialist, and multidisciplinary medical care across the country. Public company materials describe a broad care network that includes hospitals, outpatient services, and other clinic-based offerings in the UAE. In threat-intelligence indexing, Mediclinic Middle East was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | SMC Corporation (Japan) id26131 View details | Japan | Manufacturing / Engineering | — | |
|
SMC Corporation is a Japanese manufacturing and engineering company headquartered in Sotokanda, Chiyoda-ku, Tokyo. Founded in 1959, it specializes in pneumatic control engineering and provides automation technologies and components used across industrial applications. The company is known for supporting factory and industrial automation with compressed-air-based control devices and related systems. In threat-intelligence indexing, SMC Corporation (Japan) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Fresenius Medical Care (Germany) id26130 View details | Germany | Healthcare / Pharma | — | |
|
Fresenius Medical Care is a German healthcare company based in Bad Homburg, Germany, and a leading provider of products and services for people with chronic kidney failure. Its portfolio includes kidney dialysis, therapeutic apheresis, vascular access care, renal pharmacy, and laboratory and diagnostic services. The company operates across the renal care value chain and serves patients through products, therapies, and clinical services. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Sunnybrook Health Sciences (Canada) id26129 View details | Canada | Healthcare / Pharma | — | |
|
Sunnybrook Health Sciences Centre is a major healthcare organization in Toronto, Ontario, Canada, operating at 2075 Bayview Avenue. It provides hospital-based medical care and is known for services including heart and stroke care, cancer care, trauma care, women’s health, research, and medical education. Sunnybrook works in partnership with the University of Toronto and supports clinical innovation, patient care, and academic health sciences activity. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Mayo Clinic (USA) id26128 View details | United States | Healthcare / Pharma | — | |
|
Mayo Clinic is a private American academic medical center focused on integrated healthcare, education, and research, with major campuses in Rochester, Minnesota; Jacksonville, Florida; and Phoenix/Scottsdale, Arizona. It maintains a nonprofit hospital system offering comprehensive medical specialties and virtual care 24/7 through its patient portal. The organization serves patients from over 130 countries with world-class expertise in diagnosing and treating complex medical challenges. Mayo Clinic was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | King Faisal Specialist (Saudi Arabia) id26127 View details | Saudi Arabia | Healthcare / Pharma | — | |
|
King Faisal Specialist Hospital and Research Centre is a non-profit tertiary healthcare institution headquartered in Riyadh, Saudi Arabia, with facilities in Riyadh, Jeddah, and Madinah. It provides specialized healthcare in an integrated educational and research setting, including tertiary and quaternary care services across major clinical specialties. Publicly described services include critical care, oncology, outpatient care, and health outreach support for patients across the Kingdom. In threat-intelligence indexes, King Faisal Specialist (Saudi Arabia) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Oerlikon Surface Solutions (Switzerland) id26126 View details | Switzerland | Services | — | |
|
Oerlikon Surface Solutions is part of the Switzerland-based Oerlikon Group, a listed technology company headquartered in Pfäffikon, Switzerland. It develops surface technologies that include materials, coating equipment, and coating services for industrial applications. The business serves demanding environments where its solutions help reduce wear, friction, heat, and corrosion, and it operates across multiple industries and countries. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Spire Diagnostics (Global/UK) id26125 View details | United Kingdom | Services | — | |
|
Spire Diagnostics (Global/UK) is a United Kingdom-based services company associated with private healthcare and diagnostic provision under the Spire name. Public company information for Spire Healthcare shows a London headquarters and a UK-wide network of hospitals and clinics offering private and NHS care, which aligns with a healthcare-services footprint in the UK. The company operates in a regulated care environment where diagnostic, clinical, and outpatient services are central to patient delivery. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Medtronic (Global/Ireland) id26124 View details | Ireland | Healthcare / Pharma | — | |
|
Medtronic is a world-leading medical technology company headquartered in Galway, Ireland, developing and manufacturing a vast array of medical devices and therapies including pacemakers, insulin pumps, and robotic-assisted surgery systems. The company has invested approximately 11 billion euros in Ireland, with 1.2 billion euros dedicated to research and development, and operates a European software hub in Galway focused on cardiac care systems. Medtronic addresses over 70 health conditions globally through its advanced healthcare technology portfolio, aiming to alleviate pain, restore health, and extend life. The company was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Spire Healthcare (UK) id26123 View details | United Kingdom | Healthcare / Pharma | — | |
|
Spire Healthcare Group plc is a UK private healthcare provider that operates hospitals, clinics, consulting rooms and medical centres, serving both private patients and the NHS. It offers a broad range of services, including prevention, diagnostics, treatment and surgery, across its healthcare network in Great Britain. The company is positioned as a major provider in the UK healthcare market and focuses on clinical care and patient services. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Raffles Medical Group (Singapore) id26122 View details | Singapore | Healthcare / Pharma | — | |
|
Raffles Medical Group is a Singapore-based private healthcare provider operating hospitals, clinics, dental and Chinese medicine services, health screening, and insurance offerings. It serves patients through medical facilities in Singapore and across other Asian cities, and describes itself as one of the region’s largest private healthcare groups. The group also provides supplements and related health services through affiliated businesses. In threat-intelligence listings, Raffles Medical Group (Singapore) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | St. Jude Children's Research Hospital (USA) id26121 View details | United States | Healthcare / Pharma | — | |
|
St. Jude Children's Research Hospital is a nonprofit pediatric medical center and research institution in Memphis, Tennessee, focused on treating and studying catastrophic childhood diseases, especially cancer. It provides specialized hospital care, clinical research, and prevention work for pediatric patients while advancing cures for life-threatening conditions. The institution is widely recognized for its national cancer-center status and its mission-driven role in pediatric healthcare and biomedical research. In threat-intelligence listings, it was recorded as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Singapore Health Services (SingHealth) id26120 View details | Singapore | Healthcare / Pharma | — | |
|
Singapore Health Services (SingHealth) is Singapore’s largest healthcare group, based in Singapore, and operates a broad network of acute hospitals, community hospitals, national specialty centres, and polyclinics. It provides healthcare services across more than 40 clinical specialties and supports care delivery through hospitals, specialist centres, and primary care facilities. SingHealth focuses on affordable, accessible, and quality healthcare for patients across the city-state. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Kaiser Permanente (USA) id26119 View details | United States | Healthcare / Pharma | — | |
|
Kaiser Permanente is a US-based integrated healthcare organization headquartered in Oakland, California, serving members through health plan coverage, hospitals, and affiliated medical groups. Its model combines medical services and insurance coverage across multiple states, with care that includes preventive, primary, specialty, and hospital services. The organization operates as a major provider in the healthcare sector and supports patients through coordinated clinical and coverage offerings. In threat-intelligence indexing, Kaiser Permanente (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Stryker Corporation (USA) id26118 View details | United States | Healthcare / Pharma | — | |
|
Stryker Corporation is an American medical technology company headquartered in Portage, Michigan, in the United States. It develops products used in medical surgery, neurotechnology, orthopedic surgery, and related healthcare workflows, including surgical equipment, implants, patient safety technologies, and emergency medical devices. The company serves hospitals and clinicians across global markets and reports a broad portfolio spanning MedSurg and orthopedic solutions. In threat-intelligence indexing, Stryker Corporation (USA) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Metso Mining Solutions (Finland) id26117 View details | Finland | Services | — | |
|
Metso Mining Solutions is part of Metso, a Finnish industrial technology company based in Espoo, Finland, with operations focused on mining and related process industries. Its mining offering includes plant design expertise, equipment, parts, and services for stages of the mining process, along with digital solutions that help improve throughput, recoveries, uptime, and productivity. The company is part of a broader portfolio serving aggregates, minerals processing, and metals refining customers. In threat-intelligence records, Metso Mining Solutions (Finland) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Gleneagles Hospital Group (Singapore) id26116 View details | Singapore | Healthcare / Pharma | — | |
|
Gleneagles Hospital is a private hospital in Singapore that provides medical and surgical services through a broad range of specialist care. It operates on Napier Road and offers services such as oncology, cardiology, gastroenterology, orthopedics, diagnostic imaging, and other hospital-based treatment. The hospital is part of Parkway Hospitals Singapore and the wider Parkway Pantai/IHH Healthcare network, which serves private healthcare markets across Asia. In threat-intelligence records, Gleneagles Hospital Group (Singapore) was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Linde PLC (UK/Germany) id26115 View details | United Kingdom | Manufacturing / Engineering | — | |
|
Linde plc is a global industrial gases and engineering company headquartered in Woking, United Kingdom, with major operations in Germany and other markets. It supplies atmospheric, process, specialty, industrial, and healthcare gases, and provides related equipment and gas-processing engineering solutions. The company serves customers across manufacturing, chemicals, healthcare, electronics, and other industrial sectors. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Vallourec Tube Manufacturing (France) id26114 View details | France | Manufacturing / Engineering | — | |
|
Vallourec Tube Manufacturing is the French industrial arm of Vallourec, headquartered in France with major sites and an R&D center supporting its global business. The company produces seamless steel tubes, hollow sections, and tubular solutions for energy, industrial, and engineering applications, with a footprint that includes manufacturing and welding technology facilities. Its French operations serve Vallourec’s broader markets across oil and gas, low-carbon energy, hydrogen, and other demanding industrial uses. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Honeywell Aerospace (Global/USA) id26113 View details | United States | Communication / Marketing | — | |
|
Honeywell Aerospace Technologies is Honeywell’s aerospace business, based in Phoenix, Arizona, and it supplies products and services for commercial, defense, and space aircraft worldwide. Its offerings include aircraft propulsion, cockpit systems, satellite and navigation solutions, and related aerospace technologies designed to improve flight safety, efficiency, comfort, and sustainability. The business has been described by Honeywell as a global provider serving virtually every commercial, defense, and space aircraft platform. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Dassault Systèmes (France) id26112 View details | France | Other | — | |
|
Dassault Systèmes is a French multinational software company headquartered in Vélizy-Villacoublay, France, with a global presence and market reach. It develops software for 3D product design, simulation, manufacturing, and other 3D-related applications, and its 3DEXPERIENCE platform supports virtual twin experiences for innovation and production. The company is widely categorized in the software development sector and operates as a public company serving industrial and enterprise customers worldwide. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Yara Global Fertilizers (Norway) id26111 View details | Norway | Manufacturing / Engineering | — | |
|
Yara Global Fertilizers (Norway), operating under Yara International ASA, is a Norwegian chemical company that produces, distributes, and sells nitrogen-based mineral fertilizers and related industrial products. It is one of the world’s largest producers of synthetic fertilizers, with its largest business being nitrogen fertilizers, the world’s most common fertilizer type. The company also manufactures nitrates, ammonia, urea, and other nitrogen-based chemicals, serving over 140 markets across 60 countries. The Norwegian state is its major shareholder, controlling over 40% of the company’s shares. Yara Global Fertilizers (Norway) was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | BASF SE (Germany) id26110 View details | Germany | Manufacturing / Engineering | — | |
|
BASF SE is a German multinational chemical company headquartered in Ludwigshafen, Germany, and widely recognized as the world’s largest chemical producer. It develops and supplies chemicals, materials, and industrial solutions for manufacturing, engineering, and related global markets. The company operates one of the world’s largest integrated chemical complexes at its Ludwigshafen site. In threat-intelligence indexing, BASF SE is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Liberia Electricity Corporation (LEC) id26066 View details | Liberia | Energy | — | |
|
Liberia Electricity Corporation (LEC) is Liberia’s state-owned electric utility, based in Monrovia, and it is responsible for generating, transmitting, distributing, and supplying electric power across the country. It works to expand grid access, improve reliability, and support electricity services for households and businesses in Liberia. In public descriptions, LEC is also associated with projects to restore and extend the Monrovia grid and develop mini-grids and stand-alone systems in interior areas. The company was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Liberia Revenue Authority id26065 View details | Liberia | Public Sector | — | |
|
The Liberia Revenue Authority is a public sector government organization located in Paynesville, Liberia, established to assess, collect, audit, and account for all national revenues. It administers and enforces Liberia's revenue laws, including taxation and tax exemptions, while facilitating legitimate trade and social protection for the people of Liberia. The Authority replaced the Department of Revenue of the Ministry of Finance to professionally and transparently collect lawful revenues and enhance the government's ability to fund public services. The Liberia Revenue Authority was listed as a ransomware victim associated with the 0apt threat actor. |
|||||
| Ransomware | National Investment Commission Liberia id26064 View details | Liberia | Finance / Legal / Insurance | — | |
|
National Investment Commission Liberia is Liberia’s government investment promotion agency, based in Monrovia, that attracts, facilitates, and supports domestic and foreign investment. It promotes the country’s investment opportunities, helps generate sustainable employment, and works to strengthen Liberia’s economic competitiveness through an investor-friendly environment. Public descriptions also note its role in guiding investors and supporting business registration and licensing services. The entity was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | SoftCore Tech Solutions id26041 View details | India | IT | — | |
|
SoftCore Tech Solutions is an India-based IT company that operates in business technology and ERP services. Public company profiles describe SoftCore Solutions Pvt. Ltd. as a global business technology solutions provider and an ERP, CRM, and cloud implementation partner in India, with SAP Business One among its offerings. It also presents itself as a SAP Business One Gold Partner serving customers across India and international markets. In threat-intelligence indexing, SoftCore Tech Solutions was listed as a ransomware victim associated with 0apt. |
|||||