Ransomware group interlock hits Centre for Newcomers
Centre for Newcomers — a public sector target operating in CA has been listed by the interlock ransomware group on 2026-07-17. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Centre for Newcomers |
|---|---|
| Threat Group | interlock |
| Summary | The Newcomers Center provides immigration services aimed at supporting newcomers and creating a welcoming community. They maintain complete information about their clients in their databases, but they fail to ensure the security of this data. Due to their negligence toward their clients and employees, this data has been compromised. We offer you 380 GB of personal client data, company financial information, its current status and reporting, and human resources planning and policies. |
| Date of Breach | 2026-07-17 |
| Discovery Date | 2026-07-17 |
| Region | CA |
| Target Domain | centrefornewcomers.ca |
| Business Sector | Public Sector |
| Severity | MEDIUM |
Claim by interlock
The Newcomers Center provides immigration services aimed at supporting newcomers and creating a welcoming community. They maintain complete information about their clients in their databases, but they fail to ensure the security of this data. Due to their negligence toward their clients and employees, this data has been compromised. We offer you 380 GB of personal client data, company financial information, its current status and reporting, and human resources planning and policies.
Posted by the interlock threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
centrefornewcomers.ca
Leak post (onion / Tor)
http://y2yplioc7ybrun2qb4opyc2vdt6lqtxvag3rocayyv2ekbtoa7kjo3qd.onion/index.php?p=
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

