Last updated: March 1, 2026
Ransomwhere.org is a non-profit, open-source ransomware intelligence platform. We are committed to protecting the privacy of our visitors. This policy explains what data we collect, how we use it, and your rights.
No personal data is collected. We do not require accounts, logins, or any form of registration to use this platform.
No cookies. We do not use cookies, tracking pixels, or any client-side tracking mechanisms.
Server logs. Our hosting provider (Cloudflare) may collect standard web server logs including IP addresses, browser user agents, and request URLs. These logs are managed by Cloudflare under their own privacy policy and are not accessed by us for tracking purposes.
Analytics. We do not use Google Analytics or any third-party analytics services.
All data displayed on this platform is sourced from publicly available APIs and open-source intelligence (OSINT) feeds. This includes:
We do not collect or store any private or non-public data. All victim information was already publicly disclosed by threat actors on their leak sites.
This platform uses the following third-party services:
Each of these services has their own privacy policy governing how they handle data.
Since we do not collect personal data, there is no personal data to access, correct, or delete. If you believe your organization has been incorrectly listed in publicly available ransomware victim data, please contact the upstream data source (Ransomware.live) directly.
We may update this privacy policy from time to time. Changes will be reflected on this page with an updated revision date. Continued use of the platform constitutes acceptance of the current policy.
Questions about this policy? This is an open-source project —
review our code on GitHub or open an issue.