Ransomware Group: LOCKBIT3

VICTIM NAME: nicatel[.]com[.]uy

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LOCKBIT3 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page for NICATEL S.A., an official distributor of mobile phones and accessories, highlights a significant data compromise incident. The company has been operational since 2007 for Samsung products and since 2018 for Havit. The leak was discovered on January 13, 2025, with the page indicating that important company-related information has been exposed. While specific compromise details are not available, the post suggests that sensitive data pertaining to the company’s operations could potentially be at risk due to the cyberattack orchestrated by the LockBit3 group. The leaked content appears to target stakeholders and may include critical operational insights.

Additional information about the incident includes references to a theft of data affecting both internal and third-party users. The reported counts indicate no direct compromise of employee data but mention possible breaches involving third-party domains. The leak page also presents a screenshot, implying the inclusion of visual documentation relevant to the incident. As NICATEL S.A. operates within the mobile technology sector in Uruguay, this ransomware event poses potential ramifications for its business activities and client trust. The presence of the group’s new post suggests ongoing ransomware attacks targeting various sectors, amplifying concerns over cybersecurity in the industry.