HackerFeeds
All ransomware incidents
gerencialcontabil.com.br

Ransomware group spacebears hits Gerencial

MEDIUM
·Business Services·BR·2026-05-21

Gerencial — a business services target operating in BR has been listed by the spacebears ransomware group on 2026-05-21. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target OrganizationGerencial
Threat Group
spacebears
SummaryGerencial Contábil (Gerencial PR) is a Brazilian accounting and business advisory firm based in the state of Paraná. The company provides accounting, tax, payroll, business consulting, and HR outsourcing services for small and medium-sized businesses. It also assists entrepreneurs with company formation, tax compliance, and business management.The firm operates through multiple offices across Paraná, including locations in Pato Branco, Francisco Beltrão, Dois Vizinhos, Cascavel, Guarapuava, and other cities. Its services are tailored to sectors such as commerce, industry, service providers, and non-profit organizations.-personal digital certificates (amount ~ 1 000) (.pfx / .p12 files) and the corresponding passwords for accessing the Brazilian official government websites. -Clients info (tel, mail, id, passwords, etc)-600 000 + files with personal information https://***.com.br/
Date of Breach2026-05-21
Discovery Date2026-06-17
RegionBR
Target Domaingerencialcontabil.com.br
Business SectorBusiness Services
Severity
MEDIUM

Claim by spacebears

Gerencial Contábil (Gerencial PR) is a Brazilian accounting and business advisory firm based in the state of Paraná. The company provides accounting, tax, payroll, business consulting, and HR outsourcing services for small and medium-sized businesses. It also assists entrepreneurs with company formation, tax compliance, and business management.The firm operates through multiple offices across Paraná, including locations in Pato Branco, Francisco Beltrão, Dois Vizinhos, Cascavel, Guarapuava, and other cities. Its services are tailored to sectors such as commerce, industry, service providers, and non-profit organizations.-personal digital certificates (amount ~ 1 000) (.pfx / .p12 files) and the corresponding passwords for accessing the Brazilian official government websites. -Clients info (tel, mail, id, passwords, etc)-600 000 + files with personal information https://***.com.br/

Posted by the spacebears threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

gerencialcontabil.com.br

Leak post (onion / Tor)

tor

http://5butbkrljkaorg5maepuca25oma7eiwo6a2rlhvkblb4v6mf3ki2ovid.onion/companies/52/gerencial

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.