The maker of the world’s most powerful demolition robot, which cleaned up Chornobyl, was allegedly breached by a Russia-linked ransomware gang. The gang is threatening to leak all the data if it is not paid.
The Play ransomware gang claimed responsibility for an attack on the Swedish machinery company Brokk, which specializes in remote-controlled demolition machines and robotic equipment used for nuclear sites and rescue operations.
It is unknown when the gang allegedly accessed the company’s data, but the notice came up 3 days ago on the gang’s leak site. The gang dropped a 4GB dataset with stolen data, free to download.
The gang claims that this is just a partial dataset: “If there [is] no reaction, a full dump will be uploaded,” it threatened. Such threats are a common tactic that ransomware gangs use to pressure victims into paying.
Play claims that it has extracted internal corporate data, including clients' documents, budgets, payroll, IDs, taxes, and financial information.
Cybernews was unable to independently verify this information because the provided dataset could not be extracted using the password shared by the gang. However, if the claims prove to be legitimate, it might put the company and its clients at risk.
“Data breaches almost always hit reputation hard. Customers, whether private individuals or corporate clients, start to lose trust, and with that, your competitive advantage erodes,” the Cybernews research team explained.
“On top of that, you face the classic fallout of exposed PII. Leaked employee data increases the risk of targeted scams and a long tail of security and compliance issues that can take years to fully clean up,” our team added.
Our journalists have reached out to the company, but a response has not yet been received.
The world’s most powerful robot producer
Founded in 1976, the Swedish company pioneered remote-controlled demolition machinery.
Over nearly five decades, its machines have been used in the world’s most hazardous environments, from construction and mining sites to nuclear facilities and underground tunnels.
Since the 1980s, its remotely operated machines have been used in decommissioning and cleanup efforts at facilities around the world.
These include Sellafield, a key site in the United Kingdom’s nuclear program, projects in Idaho Falls, the exclusion zone surrounding Chornobyl, and the Trawsfynydd Nuclear Power Station.
The company's robot, the Brokk 900, is billed as the world’s most powerful demolition robot. The company boasts $96.5 Million in annual revenue.
What we know about Play ransomware
Play ransomware has been linked to Russia and remains among the most active ransomware gangs. According to Cybernews's dark net monitoring tool, since 2023, the gang has listed 1106 victims, 52 of whom are in the last month alone.
One of the gang’s latest victims was the luxury fashion brand, Helen Kaminski.In 2025, the ransomware cartel targeted Jamco Aerospace, a supplier of industrial parts for commercial and military aircraft to the US Navy, Boeing, and Northrop Grumman.
It also claimed ADC Aerospace, a US-based engineering component maker for the defense and aerospace sectors.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked