TiMc

Active

TiMc is a ransomware group that emerged in early 2026, claiming high-impact attacks against Spanish IT services leader Seidor (1 TB+ data) and oncology organization Oncologica (100 GB+), targeting Business Services, Healthcare, and IT sectors with a focus on Spanish-speaking and European targets.

3 Victims

Apr 9, 2026 First Discovered

Apr 9, 2026 Last Discovered

24 Days Inactive

0% Infostealer

1/1 Sites Online

Top Countries

GB 1

ES 1

AR 1

Top Sectors

Healthcare 1

Business Services 1

Manufacturing 1

Known Locations (1)

Pixel Dashboard

rzzfiwoop67jrxadngcy7nvjm7suwtrjznview63ooowqfsm5sq7gmqd.onion

Victims (3)

oncologica

GB Healthcare Discovered: Apr 9, 2026 · Attack est.: Apr 9, 2026

We breached into their intranet and have total control of it , with 1TB+ data exfiltrated including covid-19 database and SaaS src code like oncomine KB and Other PII Full...

Seidor

ES Business Services Discovered: Apr 9, 2026 · Attack est.: Apr 9, 2026

On behalf of A IT solution company , the first response to the data breach was trying to cover the truth, shame on you When the countdown was over, we...

Debene S.A. | Página Principal

AR Manufacturing Discovered: Apr 9, 2026 · Attack est.: Apr 9, 2026

We've taken down their DC and FS, 100GB+ of the data including PII, Trade record and Full 20GB+ MySQL database backup files Due to their non-behavior we choose to put...