Atcom Listed by dragonforce Ransomware Group
ATCOM Technology Co., LTD. specializes in manufacturing VoIP products, including various types of IP phones and IP PBX systems. They offer a range of solutions such as self-built VoIP, cloud VoIP, call center VoIP, and Wi-Fi VoIP solutions tailored for enterprises. Their focus is on creating value for customers through innovative products and excellent service. The intended clients include businesses looking for reliable and efficient communication systems.
On July 14, 2026, Taiwanese VoIP manufacturer ATCOM Technology Co., LTD. appeared on the leak site operated by the dragonforce ransomware group. The listing states that internal files were exfiltrated during a ransomware attack on the company, which produces IP phones, IP PBX systems, and various cloud and on-premise VoIP solutions used by businesses worldwide. The number of people whose data may be exposed remains unknown, as neither the leak-site posting nor any subsequent company notification has quantified affected records.
Primary Disclosure Details
The dragonforce leak site lists ATCOM as a victim and claims successful data exfiltration. The posting, first indexed on July 14, 2026, indicates that internal files were taken but does not describe the specific data types or volume. Public mirrors of the onion site, such as ransomware.live, confirm the listing exists at the provided UUID-linked URL. ATCOM has not yet released a detailed public breach notification, so the exact scope of exposed information — whether customer databases, employee records, partner contracts, or source code — is not publicly confirmed.
dragonforce typically gives victims a short window to negotiate before publishing or selling the stolen data. The listing does not disclose any ransom demand amount or payment deadline.
Why This Matters for You and Your Family
If you or your employer uses ATCOM IP phones, PBX systems, or any of their VoIP services, your contact details, call logs, or configuration data may now sit in an attacker-controlled archive. Even when the primary target is a company, ordinary customers and employees often bear the downstream risk. Personal phone numbers, email addresses, and internal credentials tied to these systems can surface in follow-on sales or dumps, increasing the chance of phishing, SIM-swapping, or identity fraud directed at you and your household.
VoIP systems frequently store address books, call history, and sometimes billing information. When those records leak, attackers can map who talks to whom, creating detailed profiles that make social-engineering attacks far more convincing.
Doxxing and Identity-Chain Risks
Leaked internal files from a VoIP vendor rarely stop at one company. Support tickets, reseller agreements, and employee spreadsheets often contain personal phone numbers, home addresses, and email accounts that link corporate identities to real-world families. Once published, these fragments become building blocks for doxxing chains: an attacker starts with a work email, finds the matching personal account on another site, then locates children’s gaming usernames that reuse the same password or recovery phone. The result is a single breach that can expose every linked account across work, home, and family gaming platforms.
Dragonforce’s Known Track Record
Public reporting attributes the emergence of dragonforce to mid-2024. The group has claimed responsibility for attacks on manufacturing, technology, and logistics companies across Asia and Europe. Their playbook typically combines initial access through phishing or exploited remote-desktop services, followed by rapid exfiltration of internal shares before encryption. Extortion follows a double-pressure model: demands are made to the victim company while simultaneously threatening to release the data on their leak site and dark-web forums. Past victims include smaller hardware and software firms whose customer and partner data later appeared in secondary sales, showing that dragonforce does not always wait for non-payment before distributing stolen archives.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup of Warden to remove what you can.
- Rotate any password you ever used on ATCOM-related systems or services and enable 2FA through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring so the next breach that touches your data is caught in hours, not months, across 15.4B+ breach records and 100+ platforms.
- Cover the household — DoxxScan family coverage extends to dependents and children’s gaming accounts that often chain back to the same address or recovery details exposed in vendor leaks like this.
- Let remediation specialists handle takedown requests for any personal information already appearing on data-broker or extortion sites.
The speed with which ransomware groups move stolen data means ordinary families must treat every vendor breach as personal. Starting now with deliberate credential hygiene and identity-chain monitoring is the clearest way to limit damage from incidents that companies may never fully disclose. DoxxScan by GalaxyWarden delivers that continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage including children’s gaming accounts that frequently become the next link in the attack chain.
Related breaches
momenta.cn Listed by dragonforce Ransomware Group
Momenta is an AI and autonomous-driving company. All source code, financial documents, configuration…
Road Ahead Technologies Consultant Listed by dragonforce Ransomware Group
马路科技 specializes in advanced 3D scanning and measurement solutions, offering a range of products inc…
Edison Global Networks Limited Listed by dragonforce Ransomware Group
Edison Global Networks Limited is a Hong Kong-based IT system integrator and managed service provide…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →