Ransomware: AiLock claims Hokua (CL) — Not Found

A new ransomware incident has been reported involving a group called AiLock, which claims to have targeted an entity named Hokua, based in CL, likely Chile. The publication on ransomware.live on 26 June 2026, under the BREACH framework, indicates that the victim’s data may have been exfiltrated or encrypted, though the specific impact is not yet confirmed. This is a notification of a potential data security event, not a regulatory change, but it signals an active threat that may trigger breach reporting obligations under EU data protection laws.

Organizations in the CL region, particularly those in critical infrastructure, technology, or service sectors, should assess if they or their partners are connected to Hokua. Any EU-based entity with data processing links to this victim, or using similar systems, may face indirect exposure. Compliance teams must verify if personal data of EU residents could be involved, as this would require notification to supervisory authorities under GDPR within 72 hours.

Compliance teams should immediately review their incident response plans, confirm contact with relevant data protection authorities, and conduct a preliminary risk assessment. They should also monitor ransomware.live and similar threat intelligence sources for updates, and ensure that business continuity and data backup protocols are tested. Proactive communication with legal and IT security teams is essential to determine if a breach notification is necessary.