Threat Group Profile
fulcrumsec
Dormant / historical
Victim claims
25
First seen
Dec 2025
Last activity
10 Jun 2026
Tracked since
โ
Group overview
FulcrumSec is a data extortion group active since approximately September 2025, specializing in high-speed exfiltration of cloud-hosted databases by exploiting unrotated API keys and misconfigured cloud permissions rather than deploying encryption, with known victims including Australian fintech youX and LexisNexis.
Preferred targets
Technology ยท 6
Business Services ยท 5
Healthcare ยท 3
Consumer Services ยท 3
Financial Services ยท 2
Education ยท 1
Most targeted countries
US ยท 13
GB ยท 2
IN ยท 2
SG ยท 1
DK ยท 1
MX ยท 1