Elmoris Listed by Deadlock Ransomware Group
Founded in 1996 in Vilnius, Lithuania, UAB Elmoris is a major manufacturer specializing in light metal packaging and "twist-off" lug caps for the food industry. The company is noted for producing PVC-free, environmentally friendly caps and providing metal printing services, holding AEO certification for international trade.
On July 10, 2026, Lithuanian packaging manufacturer UAB Elmoris appeared on the leak site of the Deadlock ransomware group. The company, which produces twist-off lug caps and metal packaging for the food industry, had internal files exfiltrated after a ransomware attack. While the exact number of people whose information was exposed remains unknown, any current or former employees, suppliers, or customers whose details were stored in those files could now face increased risk of identity theft and doxxing.
Confirmed Facts from Reporting
Public reporting indicates that Deadlock posted proof of the breach on its leak site, including samples of stolen internal documents. Elmoris was founded in 1996 in Vilnius and holds AEO certification for secure international trade. The company specializes in PVC-free, environmentally friendly metal caps used in food packaging and also offers metal printing services. Available reporting describes the incident as a typical ransomware operation involving both encryption and data exfiltration, with the leaked material now publicly accessible via the group’s site.
Why This Matters for You and Your Family
When a manufacturer like Elmoris suffers a breach, the exposed internal files often contain employee records, supplier contracts, customer lists, and correspondence that include names, addresses, email addresses, phone numbers, and sometimes financial details. If your information was in those files, criminals can use it to impersonate you, open accounts in your name, or sell it on underground forums. For families this can mean sudden spam calls, targeted phishing texts to your children, or fraudulent loan applications that damage your credit. The breach also increases the chance that seemingly unrelated accounts tied to the same email or phone number will come under attack.
The Doxxing and Identity-Chain Risks
Stolen company data rarely stays isolated. Attackers combine it with other leaks to build detailed profiles that link your work email to personal accounts, social-media handles, and even your children’s gaming usernames. Once these connections are mapped, a single leaked password can lead to account takeovers across services, doxxing campaigns, or extortion attempts. Credential leaks like this one frequently cascade into gaming account compromises because children often reuse simplified versions of family passwords. The result is a chain that can expose your home address, family photos, and daily routines to anyone willing to pay for the compiled dossier.
Deadlock Ransomware Group Track Record
Public reporting attributes Deadlock with emerging in late 2024 and rapidly adopting a double-extortion model that combines file encryption with public threats to publish stolen data. The group has targeted manufacturing, logistics, and food-sector companies in Europe and North America. Its typical playbook involves initial access through phishing or exploited remote desktop services, followed by lateral movement inside the network to locate valuable files. After exfiltration, Deadlock usually issues a ransom demand with a short deadline before publishing samples and eventually the full dataset on its leak site. Exact prior victim counts are difficult to verify, but security researchers note the group’s steady increase in activity throughout 2025 and 2026.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real-world identity, with no-subscription cleanup handled by specialists.
- Rotate any password you used at Elmoris or related supplier portals anywhere else it appears, and switch to 2FA through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your data is caught within hours instead of months.
- Cover the household with DoxxScan family protection that extends to dependents and your children’s gaming accounts, which often chain back to the same addresses and emails.
- Let remediation specialists manage takedown requests for any personal information already appearing on data-broker or leak sites connected to this incident.
The Elmoris breach is a reminder that even companies you have never directly interacted with can hold pieces of your personal story. Taking concrete steps now limits how far attackers can travel along the identity chain that begins with this leak. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, and hands-on remediation by specialists, including household coverage that protects children’s gaming accounts from the kind of cascading takeovers this incident can trigger.
Related breaches
Catcorp Listed by Deadlock Ransomware Group
Business direction: Mew mew…
Firesta Listed by Deadlock Ransomware Group
Firesta-Fišer, a.s. is a Czech construction company based in Brno, established in 1990, specializing…
UFL Listed by Deadlock Ransomware Group
United Finance Limited (UFL) is a 100% nationally owned financial institution based in Papua New Gui…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →