HackerFeeds
All ransomware incidents
reatile.co.za

Ransomware group incransom hits reatile.co.za

MEDIUM
·Not Found·ZA·2026-07-18

reatile.co.za — a not found target operating in ZA has been listed by the incransom ransomware group on 2026-07-18. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target Organizationreatile.co.za
Threat Group
incransom
SummaryReatile Group is an innovative, black-owned investment holding company established in 2003, focusing on the energy, petrochemical, and industrial sectors in South Africa. The company aims to leverage growth opportunities within these industrial sectors of the South African economy. Reatile Group is committed to improving the quality of life for disadvantaged communities through its foundation. Their strategic vision emphasizes growth and development in key sectors.
Date of Breach2026-07-18
Discovery Date2026-07-18
RegionZA
Target Domainreatile.co.za
Business SectorNot Found
Severity
MEDIUM

Claim by incransom

Reatile Group is an innovative, black-owned investment holding company established in 2003, focusing on the energy, petrochemical, and industrial sectors in South Africa. The company aims to leverage growth opportunities within these industrial sectors of the South African economy. Reatile Group is committed to improving the quality of life for disadvantaged communities through its foundation. Their strategic vision emphasizes growth and development in key sectors.

Posted by the incransom threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

reatile.co.za

Leak post (onion / Tor)

tor

http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/6a5ad7205ae71db30cbcf9e2

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.