Alleged Ransomware Attack Targets KYC provider Vouch.co.uk

By Leakd.com Authors

March 17, 2025

vouch.co.uk ransom featured — Source: DALL-E

Ransomware group known as Stormous has allegedly infiltrated the systems of Vouch.co.uk, a UK-based platform, and exfiltrated sensitive user data. According to information retrieved from the dark web, Stormous claims to have accessed and leaked approximately 3GB of sensitive information, including KYC (Know Your Customer) data, UK ID cards, email addresses, phone numbers, and full names of Vouch.co.uk users.

vouch.co.uk ransom — Screenshot of the ransomware group darknet blog

Stormous Ransomware Group Claims Responsibility

Stormous, a known threat actor in the ransomware ecosystem, has taken credit for the attack. The group published details of the alleged breach on their dark web leak site, where they frequently disclose stolen data to pressure companies into meeting their ransom demands.

The threat actors accuse Vouch.co.uk of poor data protection measures, which allowed them to extract large volumes of personally identifiable information (PII). The listing on the Stormous leak site suggests that a sample of the stolen data is already available for public viewing, with the full dataset possibly being auctioned off or published in the coming days.

Potential Impact on Vouch.co.uk Users

If the claims are verified, the data breach could have severe consequences for affected individuals. The leaked personal information could be exploited for identity theft, phishing attacks, or other fraudulent activities. Given the inclusion of KYC documents, the exposure of such sensitive data poses a significant security risk to both individuals and businesses relying on Vouch.co.uk’s services.

Vouch.co.uk’s Response

As of now, Vouch.co.uk has not publicly acknowledged the breach or released an official statement addressing the incident. Users of the platform are advised to take precautionary measures, such as:

Changing their passwords if they use the same credentials on multiple platforms.
Monitoring their accounts for any unusual activity.
Being cautious of phishing emails or scam attempts that may arise from leaked information.

Cybersecurity Experts Weigh In

Cybersecurity analysts warn that ransomware groups like Stormous often use stolen data as leverage to extort companies for ransom payments. Experts recommend that affected users monitor their credit reports, enable multi-factor authentication (MFA) wherever possible, and remain vigilant against potential scams.