Ransomware: Deadlock claims Gerusia S.L. (ES) — Not Found
AI Analysis
A new ransomware incident has been published on the ransomware.live leak site, involving the Spanish company Gerusia S.L. The entry, dated July 10, 2026, is listed under the Deadlock ransomware group and carries a "Not Found" status, which typically indicates that the victim's data has been posted or the group has claimed responsibility. This event falls under the BREACH framework, meaning it is a confirmed data compromise with potential regulatory implications under EU data protection and incident reporting rules.
The primary affected organization is Gerusia S.L., a Spanish entity, but the impact may extend to its clients, partners, and any individuals whose personal data was exfiltrated. Sectors such as services, manufacturing, or logistics are commonly targeted by Deadlock, though the exact sector is not specified. Compliance teams across the EU should treat this as a reminder that ransomware groups continue to target smaller and mid-sized firms, not just large enterprises.
Compliance teams should immediately verify if their organization has any data-sharing or supply chain links with Gerusia S.L. and assess potential third-party risk. They should also review their own incident response plans, ensuring that ransomware detection and notification procedures align with GDPR breach notification timelines (72 hours). Finally, teams should monitor ransomware.live and similar threat intelligence sources for any updates, and consider reinforcing employee training on ransomware prevention and reporting.
Get notified about BREACH changes
Subscribe to our free weekly digest covering 24 compliance frameworks.