All ransomware incidents
Ransomware group thegentlemen hits Sunspray Food
Sunspray Food — a agriculture and food production target operating in ZA has been listed by the thegentlemen ransomware group on 2026-03-26. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Sunspray Food |
|---|---|
| Threat Group | thegentlemen |
| Summary | sunspray.co.za zoominfo.com/c/sunspray-food-ingredients-ltd/425184083 Sunspray Solutions (Pty) Ltd, founded in 1944 and headquartered in Johannesburg, South Africa, is the country's largest independent manufacturer of spray-dried food ingredients. The company operates 10 spray dryers across two manufacturing sites (Industria, Johannesburg and Bronkhorstspruit, Gauteng), producing hundreds of products including caramel powders, fat powders, fruit & vegetable powders, creamers, egg powders, and cheese powders. In 2023, Israeli company Turpaz Industries acquired a 55% controlling stake, enabling Sunspray's geographic and portfolio expansion |
| Date of Breach | 2026-03-26 |
| Discovery Date | 2026-04-19 |
| Region | ZA |
| Target Domain | sunspray.co.za |
| Business Sector | Agriculture and Food Production |
| Severity | MEDIUM |
Claim by thegentlemen
sunspray.co.za zoominfo.com/c/sunspray-food-ingredients-ltd/425184083 Sunspray Solutions (Pty) Ltd, founded in 1944 and headquartered in Johannesburg, South Africa, is the country's largest independent manufacturer of spray-dried food ingredients. The company operates 10 spray dryers across two manufacturing sites (Industria, Johannesburg and Bronkhorstspruit, Gauteng), producing hundreds of products including caramel powders, fat powders, fruit & vegetable powders, creamers, egg powders, and cheese powders. In 2023, Israeli company Turpaz Industries acquired a 55% controlling stake, enabling Sunspray's geographic and portfolio expansion
Posted by the thegentlemen threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.