Back to Blog
high severity June 17, 2026 · scope unconfirmed

comta.com.tw Listed by lockbit5 Ransomware Group

Founded in 1990 as a specialist in mold design and manufacturing, Como (Comta) has evolved into a gl...

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed June 17, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On June 17, 2026, Taiwanese mold design and manufacturing company Comta.com.tw appeared on the LockBit 5 ransomware leak site with internal files listed for public download after the company apparently declined to pay an extortion demand.

Confirmed Facts from Reporting

Public reporting indicates the firm, originally founded in 1990 and now operating as Como, specializes in precision mold manufacturing for industrial clients. The LockBit 5 group claims to have exfiltrated internal documents during a ransomware attack. No confirmed victim count has been published, and the precise volume or sensitivity of the stolen files remains unclear from available screenshots on the leak portal. The listing carries the standard LockBit countdown timer threatening full data release if ransom is not paid.

LockBit 5 posted the Comta data on its dark-web leak site, a tactic the group has used consistently since rebranding. Industry trackers such as ransomware.live mirrored the post, confirming the claim’s public visibility.

Why This Matters for You and Your Family

When a manufacturer’s internal files leak, the exposed information often includes spreadsheets with supplier contacts, employee details, customer records, or invoices that list personal addresses, phone numbers, and email accounts. Once those records reach public forums, anyone can search them. Employee names, addresses, and contact data become easy starting points for identity thieves, phishing campaigns, or harassment directed at workers and their families.

Your family does not need to be the direct target for harm to occur. A single leaked work email paired with a reused password can open the door to personal account takeovers. Children’s gaming accounts linked to the same family address or parental email are especially vulnerable because gamers frequently reuse credentials across entertainment platforms and school-related logins.

The Doxxing and Identity-Chain Risk

Stolen corporate files rarely stay isolated. Attackers and opportunistic criminals combine them with other breach data to build identity chains: an employee email from the Comta leak can be matched to a personal social-media handle, a child’s Roblox username, or a spouse’s phone number found in another dataset. These chains accelerate doxxing, targeted scams, and account takeovers. Credential leaks like this one routinely cascade into gaming platforms because kids often inherit or reuse family passwords, turning one corporate breach into household exposure across dozens of services.

LockBit 5’s Public Track Record

Public reporting attributes the current LockBit 5 operation to the same loose collective that first appeared under the LockBit banner in 2019. The group has targeted hospitals, schools, manufacturers, and government agencies worldwide. Notable prior victims include numerous manufacturing and logistics companies whose employee and client data later surfaced on breach forums. Their typical playbook involves initial access through phishing or exploited remote desktop services, followed by data exfiltration, encryption of systems, and dual extortion: demanding ransom to decrypt files while separately threatening to publish stolen documents on their leak site if payment deadlines are missed. LockBit 5 continues to recruit affiliates and rebrand after law-enforcement takedowns, maintaining high activity levels into 2026.

What to do

  • Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup to remove what appears.
  • Rotate any password you used at comta.com.tw or any related supplier portal, and enable 2FA through an authenticator app on every account where that password was reused.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your data is caught in hours rather than months.
  • Cover the household with DoxxScan family protection that extends to dependents and children’s gaming accounts that can chain back to the same leaked address or email.
  • Let remediation specialists handle takedown requests across data brokers and leak sites for you while you focus on securing your own accounts.

The Comta incident shows how quickly a single manufacturer’s data leak can ripple into personal exposure for employees and their families. Taking concrete steps now limits how far attackers can travel along those identity chains. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping that connects online handles to real identities, and hands-on remediation by specialists who manage takedowns, all with household coverage that includes children’s gaming accounts.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.