// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / ASSA ABLOY
Breach Record

ASSA ABLOY

DISCLOSED 2025-03-17 · RANSOMWARE · RANSOMWARE

ASSA ABLOY has reportedly been targeted by the Cactus ransomware group, which claims to have stolen 229GB of corporate and executive data. The attack appears to involve ransomware deployment, but no details on the initial access vector or exact breach date have been disclosed. The incident highlights the ongoing threat of ransomware to large manufacturing organizations.

The record

What we know

Disclosed
2025-03-17
Attack vector
Ransomware
Sector
manufacturing
Data classes exposed
corporate dataexecutive data
RANSOMWARE ENDPOINT INVOLVED
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

Without details on initial access, it is unclear if a positive-security model would have prevented this ransomware attack, though it could potentially block unauthorized encryption or exfiltration if properly configured.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other ransomware breaches on file

This page is the permanent ColdRecon entry for the ASSA ABLOY disclosure. It updates if new public reporting emerges. All tracked breaches →

ASSA ABLOY just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →