A new ransomware incident has been published on the ransomware.live leak site, claiming that the group "gunra" has attacked Yuditec S.A., a Uruguayan company. The entry, titled "Not Found," was…
Ransomware: gunra claims on-us (HK) — Not Found
BREACH. Sourced from ransomwarelive, summarised by Matproof.
AI Analysis
What changed and what to do.
A new ransomware incident has been published on the ransomware.live leak site, attributed to the threat group "gunra," targeting an entity identified as "on-us (HK)." The entry, dated 30 June 2026, is listed under the BREACH framework but provides no further details, indicating the victim's data may have been compromised or is being held for extortion. The "Not Found" status suggests the specific leak page may be inaccessible or the claim is unverified, but the publication itself signals a confirmed attack attempt.
This incident primarily affects the Hong Kong-based organization "on-us," likely a financial services or payment processing firm given the "on-us" terminology. However, the ransomware group's broader targeting could extend to other financial institutions, payment processors, or data handlers in the Asia-Pacific region. Compliance teams in regulated sectors, especially those handling sensitive financial data, should treat this as a credible threat indicator.
Compliance teams should immediately verify if their organization or any third-party partners have connections to the "on-us" entity or similar Hong Kong-based operations. Review incident response plans for ransomware scenarios, ensure data backups are isolated and tested, and confirm that breach notification procedures align with relevant frameworks like GDPR or local HK data protection laws. Monitor ransomware.live and threat intelligence feeds for further details, and consider escalating this to your security operations center for proactive threat hunting.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
More BREACH updates
Latest in BREACH.
A new ransomware incident has been published on the ransomware.live leak site, claiming that the criminal group "cmdorganization" has compromised Medlink Georgia, a healthcare organization based in…
A new ransomware incident has been published on the ransomware.live leak site, involving a US-based manufacturing company, Port Angeles Composite. The breach was posted on June 30, 2026, under the…
On June 30, 2026, a ransomware group known as blacknevas publicly claimed responsibility for a cyberattack against Arkin Group, a business services firm. The claim was published on the…
Map this to your controls
Connect regulatory changes to your compliance work.
Matproof maps every regulator update directly to your controls and surfaces the ones that affect your organisation — across 21 frameworks.