Ransomware group coinbasecartel hits Jozef Stefan Institute (IJS)
Jozef Stefan Institute (IJS) — a education target operating in SI has been listed by the coinbasecartel ransomware group on 2026-05-11. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Jozef Stefan Institute (IJS) |
|---|---|
| Threat Group | coinbasecartel |
| Summary | [AI generated] Jozef Stefan Institute (IJS) is Slovenia's leading research institution, headquartered in Ljubljana. It operates across multiple scientific disciplines including physics, chemistry, biochemistry, electronics, information technology, and environmental sciences. Founded in 1949, it conducts fundamental and applied research, hosts numerous national and international projects, and collaborates with academic and industrial partners. It also plays a key role in educating postgraduate researchers in Slovenia. |
| Date of Breach | 2026-05-11 |
| Discovery Date | 2026-05-11 |
| Region | SI |
| Target Domain | ijs.si |
| Business Sector | Education |
| Severity | MEDIUM |
Claim by coinbasecartel
[AI generated] Jozef Stefan Institute (IJS) is Slovenia's leading research institution, headquartered in Ljubljana. It operates across multiple scientific disciplines including physics, chemistry, biochemistry, electronics, information technology, and environmental sciences. Founded in 1949, it conducts fundamental and applied research, hosts numerous national and international projects, and collaborates with academic and industrial partners. It also plays a key role in educating postgraduate researchers in Slovenia.
Posted by the coinbasecartel threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
ijs.si
Leak post (onion / Tor)
http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/ijs
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.