Cyber Incident Victim: Quintal

On or around September 16, 2022, the ransomware group LockBit listed Quintal, a Colombian chemical manufacturing and distribution company serving the agricultural, construction, metallurgical, and energy sectors, as a victim on its data leak site. LockBit claimed responsibility for compromising Quintal’s systems but did not provide a proof pack—a sample of exfiltrated data typically used to validate attacks—at the time of initial listing. No details regarding the intrusion methods, specific systems compromised, or volume of data exfiltrated were disclosed by LockBit or independently verified. DataBreaches.net attempted to confirm the incident by reviewing Quintal’s official website and social media channels but found no public statements acknowledging a breach, disruption, or security incident. Similarly, LockBit’s representatives did not respond to inquiries sent via Tox, and the group subsequently went offline for an extended period shortly after the listing appeared.

The incident occurred amid a broader LockBit targeting campaign against South American entities, including Chile’s Comisión Nacional de Acreditación (CNA), Colombia’s Independence oil services firm, Venezuela’s Makler insurance brokerage, and Peru’s Instituto De Desarrollo Profesional (IDEPRO). While IDEPRO’s breach was partially corroborated by Peru’s national cybersecurity center, Quintal’s remained unverified due to the absence of actionable evidence or victim acknowledgment. No operational disruptions, financial impacts, or data exposure specifics were publicly attributed to the Quintal listing. LockBit’s history of occasionally mislabeling victims led DataBreaches.net to classify the Quintal claim as unconfirmed. The lack of third-party reporting or regulatory disclosures from Colombian authorities further limited insight into the incident’s scope or validity.