Back to Blog
high severity May 17, 2026 · scope unconfirmed

psbsementi.it Listed by m3rx Ransomware Group

+39 051 890 421. Società Produttori Sementi S.p.A. (PSB) is one of Italy’s oldest and most prestigious agricultural enterprises, specializing in the research, genetic improvement, multiplication, and distribution of certified seeds. For over a century, PSB has been a cornerstone of the Mediterranean agricultural supply chain, bridging the gap between scientific field research and the industrial food sector. Stolen: 364gb 280k files

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed May 17, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On May 17, 2026, the Italian seed company Società Produttori Sementi S.p.A. (PSB Sementi) appeared on the leak site of the m3rx ransomware group, with attackers claiming to have stolen 364 GB containing 280,000 files of internal company data.

Confirmed Details of the Breach

Public reporting indicates the incident began as a ransomware attack on the company’s internal systems. The m3rx group later published a listing on its dark-web leak site, displaying samples of the allegedly exfiltrated material. The exposed volume — 364 GB across 280,000 files — suggests a wide range of internal documents were taken. No confirmed list of specific data types such as customer names, payment details, or employee records has been publicly detailed, but the scale implies sensitive business, operational, and potentially personal information was involved. The company, reachable at +39 051 890 421, has not yet issued a public statement on the incident according to available reporting.

Why This Matters for You and Your Family

When a company that forms part of the agricultural supply chain is breached, the ripple effects can reach ordinary people. PSB Sementi supplies certified seeds used by farms, food producers, and distributors across the Mediterranean. If contracts, supplier lists, farmer contacts, or employee payroll files were among the stolen data, your information or that of someone in your household could now sit in an attacker’s archive. Once data leaves a corporate network, it rarely stays contained. It can surface on forums, get bundled into larger datasets, or be used to launch follow-on attacks against individuals whose details appear inside the files.

The Doxxing and Identity-Chain Risks

Ransomware operators increasingly treat stolen corporate data as raw material for doxxing chains. An email address found in a supplier spreadsheet can be cross-referenced with social-media handles, phone numbers, or family-member records. This mapping turns a single breach into a roadmap that links your professional life to your personal one. Credential leaks from such incidents frequently cascade into gaming-account takeovers, especially for children whose usernames and passwords may be reused across school, home, and play accounts. Public reporting describes how these chains allow attackers to escalate from simple data sales to targeted extortion, identity theft, or harassment. The longer the data circulates unchecked, the harder it becomes to limit the damage.

m3rx Ransomware Group Track Record

Public reporting attributes the m3rx group with emerging in late 2024. The gang has claimed responsibility for attacks on organizations across Europe and North America, typically targeting mid-sized enterprises in manufacturing, logistics, and professional services. Their standard playbook involves initial access through compromised remote desktop credentials or phishing, followed by extensive internal network reconnaissance, data exfiltration, and then deployment of ransomware. If payment is not received, they publish stolen files on their leak site and sometimes offer the data for sale to third parties. Notable prior victims named in industry trackers include several European food-sector and agricultural-adjacent companies, though exact details remain limited in open sources.

What to do

  • Run a DoxxScan to map every link between your emails, phone numbers, online handles, and real-world identity so you can see exactly what this breach may have exposed about you.
  • Rotate any password you used at psbsementi.it or related supplier portals anywhere else it is reused, and switch on two-factor authentication through an authenticator app rather than SMS.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next time your information appears it is caught within hours instead of months.
  • Cover the entire household with DoxxScan family protection, which includes children’s gaming accounts that often chain back to the same addresses or parent credentials found in corporate leaks.
  • Let remediation specialists handle takedown requests and broker removals for you while you focus on securing day-to-day accounts.

The incident shows that even organizations far removed from daily consumer life can expose ordinary families to long-term risk. Acting quickly on the information that surfaces from this and future leaks remains the most practical defense. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping that connects scattered online traces to real identities, hands-on remediation by specialists, and full household coverage that explicitly protects children’s gaming accounts from cascading takeovers.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.