ADVERTISEMENT

Attackers drop terrabytes of US manufacturing giant’s data

The Rhysida ransomware gang has leaked nearly 2TB of sensitive data from US manufacturing giant Gemini Group, exposing employee and client records across North America.

Gemini Group ransomware attack
Paulina Okunytė
Paulina Okunytė Senior Journalist
Nov 6, 2025 Updated: 6 November 2025 3 min read
Gemini Group ransomware attack
Screenshot of the leak site on the Dark net.

What data was leaked on the dark web

  • List of interns and their mentors
  • Employee payroll & vacation balance documents, including full names, job positions, hire dates, net pay amounts, and number of days taken off
  • Internal document templates
  • List of customers, including company names, full names of representatives, and company addresses
  • Various invoices
  • Yearly purchasing reports
  • Health insurance documents, including vendor names, services, health insurance plans used by the company, and their costs
  • Leaked personal employee documents and pictures, including their PII, home addresses, SSNs, dates of birth, and salary details
Gemini Group ransomware attack
Screenshot of allegedly leaked Gemini Group's data.

What is Rhysida ransomware?

ADVERTISEMENT
Gemini Group ransomware attack
Screenshot of allegedly leaked Gemini Group's data.
Gemini Group ransomware attack
Screenshot of allegedly leaked Gemini Group's data.

ADVERTISEMENT