AbelZeta Listed by spacebears Ransomware Group
AbelZeta Pharma is a global cell therapy leader focused on discovering, developing and manufacturing therapeutics to address unmet medical needs across hematologic malignancies, inflammatory and immunological diseases and solid tumors.Partners: AstraZeneca, Janssen (J&J), NovartisInvestors: HSG, Yunfeng Capital, GIC, TF Capital, CICC Capital, Sailing Capital, Dangdai Group, AstraZeneca-CICC Fund170,000+ different files670+ separate archives with experiments on various candidates All studies: CAR032, CAR39, CAR66, CAR168, TIL, CD, Tcell, etc. There are a huge number of files and studies, all of
On March 10, 2026, the ransomware group known as spacebears added AbelZeta Pharma to its leak site and began publishing more than 170,000 internal files stolen from the cell-therapy company.
Confirmed Details of the Breach
Public reporting indicates that spacebears exfiltrated data from AbelZeta before encrypting systems and demanding payment. The leaked material consists of 670 separate archives containing research files tied to multiple drug candidates. Among the exposed studies are those labeled CAR032, CAR39, CAR66, CAR168, TIL, CD, and Tcell. The company develops treatments for blood cancers, inflammatory conditions, and solid tumors and maintains partnerships with AstraZeneca, Janssen, and Novartis.
Available reporting describes the volume of stolen information as substantial, though the exact number of individuals whose personal data may be included remains unknown. No evidence has surfaced that customer records or patient information formed the primary target, yet the breadth of internal documentation increases the chance that employee, partner, or research-participant details were swept up in the exfiltration.
Why This Matters for You and Your Family
When a company like AbelZeta suffers a breach, the information that surfaces can travel far beyond the corporate perimeter. Employees, contractors, clinical-trial participants, and even vendors may find their names, contact details, or project assignments exposed. Once those details reach public leak sites, they become raw material for identity thieves, phishing campaigns, and harassment.
Credential leaks from corporate environments frequently cascade into personal accounts. Passwords or email addresses reused between work and home services give attackers an easy path to your bank, health portal, or children’s online gaming profiles. A single exposed work document can therefore endanger the privacy of everyone who shares your address or email domain.
The Doxxing and Identity-Chain Risk
Stolen internal files often contain more than raw data. They can list employee handles, project codes, partner contacts, and metadata that link seemingly unrelated online identities to real names and physical locations. Attackers stitch these fragments together into an identity chain that reveals where you live, where your children attend school, and which gaming accounts belong to the household.
That chain turns a corporate breach into a personal doxxing vector. Publicly released archives make it simpler for malicious actors to map your digital footprint, then weaponize it through harassment, SIM-swapping, or targeted social engineering. Gaming accounts are especially vulnerable because children and teens often reuse credentials or email addresses tied to a parent’s work domain.
Spacebears’ Publicly Known Track Record
Public reporting attributes the spacebears ransomware group with a pattern of double-extortion attacks that combine encryption with data theft. The group emerged in recent years and typically posts victim data on dark-web leak sites when ransom demands go unpaid. Its playbook involves initial access through common vectors such as phishing or exploited remote-desktop services, followed by broad exfiltration of internal shares and databases. The group then issues public deadlines and begins incremental publication of stolen archives to pressure victims.
What to do
- Run a DoxxScan to map every link between your emails, phone numbers, usernames, and real-world identity so you can see exactly what this leak has made visible.
- Rotate any password used at AbelZeta or related partner systems anywhere it has been reused, and switch on 2FA through an authenticator app rather than text messages.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your information is caught and addressed in hours instead of months.
- Cover the household with DoxxScan family protection that includes dependents and children’s gaming accounts, which often chain back to the same addresses or parent credentials exposed in corporate leaks.
- Let DoxxScan remediation specialists manage takedown requests and broker removals for you while you focus on securing accounts and educating family members.
The incident underscores a simple reality: data stolen from one organization can quickly threaten the safety of ordinary families who never set foot inside that company. Starting with a clear picture of your current exposure and maintaining ongoing visibility gives you the best chance of staying ahead of attackers who move faster every year. DoxxScan by GalaxyWarden delivers that visibility through continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that extends to children’s gaming accounts.
Related breaches
Next Clinics Listed by qilin Ransomware Group
N/A…
Aesthetic Surgical Images Listed by incransom Ransomware Group
Aesthetic Surgical Images, a plastic surgery practice based in Omaha, NE, has been serving patients …
Baraga County Memorial Hospital Listed by Wallstreet Ransomware Group
Baraga County Memorial Hospital is a critical access hospital serving Baraga County with emergency, …
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →