Ransomware Group: INTERLOCK

VICTIM NAME: The Smeg Group

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INTERLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page concerns Smeg, an Italian home appliance manufacturer known for its large collection of corporate documents, including sensitive information. This ransomware incident involved the extraction and public sharing of company-related documents, which allegedly includes a dump of email accounts for all employees. The compromise was discovered on March 1, 2025, although the specific details regarding how the breach occurred remain unspecified. The leak presents significant risks, given the nature of the exposed data, which can have implications for both employee privacy and business operations.

The Smeg Group operates within the manufacturing sector in Italy. The leak page indicates that a total of 17 users’ accounts were compromised, with 6 URLs linked to these accounts. While no specific personal identifiable information (PII) was disclosed in the summary, the nature of the leaked documents raises concerns about employee data security. Furthermore, images of internal documents and a screenshot of the leak page are available, visually exemplifying the severity of the breach. Companies in similar industries should examine their cybersecurity measures to prevent similar ransomware incidents.