fulcrumsec

25 tracked victims

·first seen 2026-05-01·last activity 2026-06-16

Group profile

FulcrumSec is a data extortion group active since approximately September 2025, specializing in high-speed exfiltration of cloud-hosted databases by exploiting unrotated API keys and misconfigured cloud permissions rather than deploying encryption, with known victims including Australian fintech youX and LexisNexis.

Recent victims

Date	Website / victim	Sector	Country
2026-06-16	Novo Nordisknovonordisk.com	Healthcare	DK
2026-06-10	G Global Schools Foundation	Education	SG
2026-05-10	Arup Grouparup.com	Business Services	GB
2026-05-08	Stuf Storagestufstorage.com	Consumer Services	US
2026-05-01	Avnetavnet.com	Technology	US
2026-05-01	Lena Healthlena.io	Healthcare	US
2026-05-01	Woundtechwoundtech.net	Healthcare	US
2026-05-01	youX / Drive IQyouxpowered.com.au	Technology	AU
2026-05-01	LexisNexislexisnexis.com	Business Services	US
2026-05-01	MCOmycomplianceoffice.com	Financial Services	US
2026-05-01	ReFocus AIrefocusai.com	Technology	US
2026-05-01	Haticahatica.io	Technology	US
2026-05-01	Analog Gold / Prospectoranalogau.com	Not Found	US
2026-05-01	Nordstern Technologiesnordsterntech.com	Technology	MX
2026-05-01	ParkEngageparkengage.com	Consumer Services	US
2026-05-01	Saleskidosaleskido.com	Business Services	IN
2026-05-01	Interzerointerzero.de	Business Services	DE
2026-05-01	IMEVIimevi.com.co	Not Found	CO
2026-05-01	Raptor Suppliesraptorsupplies.com	Consumer Services	NL
2026-05-01	Rotary Clubrotary.org	Business Services	US
2026-05-01	JOTjotnw.or.jp	Not Found	JP
2026-05-01	BookBlockbookblock.com	Technology	GB
2026-05-01	Crank Communicationscrankcommunications.com	Telecommunication	US
2026-05-01	CrediElitecredielite.com	Financial Services	US
2026-05-01	Fashinzafashinza.com	Manufacturing	IN