Cyber Threat Actor: Genesis

Genesis is a ransomware group known by that alias. The group publicly claimed responsibility for a data breach affecting IMA Diligence Services. The claim was made on the group's Tor leak site in early December 2025. The incident occurred on December 1, 2025.

According to the notification, a legacy server managed by a third‑party provider became inaccessible. Attackers exploited this inaccessibility to gain access to the server. Once inside, they exfiltrated files containing personal information. The group stated that approximately 700 gigabytes of data were taken. The stolen data was later posted on the Genesis Tor leak site for public viewing.

IMA Diligence Services notified over 525,000 individuals that their information was compromised. The exposed data included names and residential addresses. It also contained Social Security numbers and driver’s license numbers. Financial account and credit card numbers were among the stolen fields. Medical and health insurance information was part of the breach. Passport numbers and taxpayer identification numbers were also exposed. In response, the company offered affected individuals twelve months of free credit monitoring and identity restoration services.