momenta.cn Listed by dragonforce Ransomware Group
Momenta is an AI and autonomous-driving company. All source code, financial documents, configuration files, employee database, and more were stolen. Servers and workstations were encrypted. Momenta is trying to hide everything from Chinese regulators, the HKEX commission, and investors while reporting a $751M profit from its recent IPO. With a $9B+ market capitalization, this amounts to one of the largest financial frauds in Chinese history.
On July 14, 2026, Chinese autonomous-driving company Momenta was listed on the DragonForce ransomware leak site, confirming that attackers had exfiltrated internal files during a ransomware incident and later encrypted the company’s servers and workstations.
Confirmed Details from the Listing
The DragonForce leak-site posting states that the group stole all source code, financial documents, configuration files, and the employee database. The disclosure does not quantify how many individuals are in the employee database or list specific categories of personal information beyond the broad description of “internal files.” It also notes that Momenta’s production systems were encrypted after the data was removed. The listing does not detail exact ransom amounts or negotiation status. Public reporting on the incident indicates Momenta has not yet issued a formal breach notification to affected individuals or regulators detailing the scope of personal data exposure.
Why This Matters for You and Your Family
If you or any member of your family ever worked at Momenta, applied for a job there, or had business dealings with the company, your personal information may now sit in an attacker-controlled archive. Employee databases routinely contain full names, national ID numbers, home addresses, phone numbers, dates of birth, salary records, and sometimes family contact details. When this kind of data reaches criminal hands, it rarely stays isolated. One exposed record can link to your email addresses, reused passwords, or social-media accounts, creating a chain that reaches your household. Even if you were not directly employed, vendors, contractors, and their families frequently appear in configuration files and financial spreadsheets that were taken.
The Doxxing and Identity-Chain Risk
Stolen internal files accelerate doxxing because they provide the exact links attackers need to connect anonymous online handles to real-world identities. A configuration file might list an employee’s corporate email next to a personal phone number; financial documents can tie that same person to payment records on gaming platforms or subscription services. Once those connections surface on criminal forums, opportunistic actors can hijack accounts, file fraudulent tax returns, or target family members with phishing campaigns. Credential leaks of this nature routinely cascade into gaming-account takeovers, especially for children who share the same household address or recovery email. The speed at which DragonForce publishes data means the window between theft and public exposure is shrinking.
DragonForce’s Known Track Record
Public reporting attributes the first major DragonForce campaigns to late 2024. The group has since hit manufacturing, technology, and logistics targets across Asia and Europe. Notable prior victims include mid-sized software firms and automotive suppliers whose source code and financial records were published after encryption. Their typical playbook involves initial access through compromised remote-desktop credentials or vulnerable web applications, followed by rapid exfiltration of high-value folders before deploying ransomware. DragonForce usually posts a small sample of stolen data on their leak site and demands payment within a short window, threatening full publication and contact with regulators or business partners if unpaid. The Momenta listing follows this pattern exactly.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup of Warden to remove what you can.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your data is caught in hours rather than months.
- Rotate any password you ever used at Momenta or any related vendor account, then replace it with a unique passphrase and enable 2FA through an authenticator app everywhere that credential was reused.
- Cover the entire household with DoxxScan family protection, which extends to dependents and children’s gaming accounts that often chain back to the same address or recovery details exposed in employee databases.
- Let remediation specialists handle takedown requests across data-broker sites and underground forums where your information may already be circulating.
The incident shows once again that even well-funded technology companies with nine-figure market caps cannot guarantee the safety of the personal data they hold. A single successful intrusion can place your family’s details on leak sites within weeks. Starting a DoxxScan trial gives you continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, and hands-on remediation by specialists who also watch for gaming-account risks that affect children. Protecting yourself and your family begins with knowing exactly where your information already appears.
Related breaches
Northeast Rescue Systems Listed by dragonforce Ransomware Group
Northeast Rescue Systems is a dedicated provider of specialized rescue, safety, and protective equip…
www.twtci.com Trans World Trading Listed by dragonforce Ransomware Group
Trans World Trading Company, Inc. is a leading business conglomerate in the Philippines, recognized …
Nicholson y Cano Abogados Listed by dragonforce Ransomware Group
Nicholson y Cano is a leading full-service law firm in Argentina, established in 1976, with a team o…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →