Ransomware: krybit claims schultz.com.br (BR) — Business Services

A new ransomware incident has been publicly reported involving the Brazilian business services firm schultz.com.br, claimed by the threat actor group Krybit. The event was published on the ransomware.live leak site on June 5, 2026, under the BREACH framework. This indicates that sensitive data may have been exfiltrated and could be released or sold if demands are not met. The specific nature of the breach and the data involved are not yet fully detailed, but the targeting of a business services provider suggests potential exposure of client or operational records.

Organizations in the business services sector, particularly those operating in Brazil or with Brazilian clients, are directly affected. However, any EU-based company that shares data with or relies on such service providers should also consider themselves indirectly at risk. The ransomware group Krybit has been active in targeting mid-sized firms, and this incident underscores the ongoing threat to supply chain integrity and data confidentiality.

Compliance teams should immediately verify whether their organization or any third-party vendors have a relationship with schultz.com.br or similar Brazilian business services firms. If so, assess whether any shared data could be compromised and review incident response plans for ransomware scenarios. Additionally, ensure that breach notification obligations under GDPR or local data protection laws are understood, as any confirmed data exposure involving EU residents may require reporting to supervisory authorities within 72 hours. Finally, reinforce employee training on phishing and ransomware vectors, as these are common entry points for groups like Krybit.