Ransomware group incransom hits carvalima.com.br
carvalima.com.br — a business services target operating in BR has been listed by the incransom ransomware group on 2026-07-01. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | carvalima.com.br |
|---|---|
| Threat Group | incransom |
| Summary | Carvalima Transportes is a specialized freight transportation company with over 35 years of experience, headquartered in Cuiabá, MT. The company operates in multiple regions, including Mato Grosso, Mato Grosso do Sul, Rondônia, Acre, and parts of Pará, as well as providing reverse logistics services across several states in Brazil. Their services include fractional cargo transport, dedicated cargo, e-commerce logistics, and air freight. |
| Date of Breach | 2026-07-01 |
| Discovery Date | 2026-07-02 |
| Region | BR |
| Target Domain | carvalima.com.br |
| Business Sector | Business Services |
| Severity | MEDIUM |
Claim by incransom
Carvalima Transportes is a specialized freight transportation company with over 35 years of experience, headquartered in Cuiabá, MT. The company operates in multiple regions, including Mato Grosso, Mato Grosso do Sul, Rondônia, Acre, and parts of Pará, as well as providing reverse logistics services across several states in Brazil. Their services include fractional cargo transport, dedicated cargo, e-commerce logistics, and air freight.
Posted by the incransom threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
carvalima.com.br
Leak post (onion / Tor)
http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/6a468abe5ae71db30ca4400d
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

