DragonForce listed the Fondation pour la formation des adultes à Genève (IFAGE), a Geneva adult-education foundation, on its extortion leak site on 2026-07-14, claiming 850 GB of exfiltrated data — a claim exceeding and unconfirmed against IFAGE's own May 2026 disclosure of a narrower April 2026 employee-data-exfiltration incident (Inside IT, 2026-07-14; La Télé, 2026-05-15). Treated as an unconfirmed watch item.
1 technique observed across 1 entry — derived from entry metadata and body evidence, never asserted without a published entry behind it · pinned to MITRE ATT&CK v19.1 · compare on the matrix · Navigator layer (JSON)
Impact TA0040
T1657Financial Theft×1
Adversaries may steal monetary resources from targets through extortion, social engineering, technical theft, or other methods aimed at their own financial gain at the expense of the availability of these resources for victims. Financial theft is the ultimate objective of several popular campaign types including extortion by ransomware, business email compromise (BEC) and fraud, "pig butchering," bank hacking, and exploiting cryptocurrency networks.
active-threatsDragonForce claims 850 GB from Geneva's IFAGE, layering an unconfirmed extortion listing onto a narrower April breach the foundation already disclosed
Where this entity is cited
active-threats1
Source distribution
inside-it.ch1 (50%)
latele.ch1 (50%)
Co-occurring entities
Derived — referenced by the same focused operational entries (weekly summaries and report roundups don't count); ×N counts the shared entries.
The German-title source reads "the DragonForce group claims to have captured 850 gigabytes of data from IFAGE; the foundation had already warned of a leak of sensitive data." IFAGE (Fondation pour la formation des adultes à Genève), a Geneva adult-education foundation, disclosed in May 2026 that it suffered an intrusion on 11–12 April 2026 (detected 13 April): unauthorized exfiltration of current- and former-employee data, no ransom demand recorded at the time, reported to the Federal Data Protection and Transparency Commissioner, and described by IFAGE as resolved (La Télé, 2026-05-15). On 14 July 2026, Swiss IT outlet Inside IT reported that the extortion group DragonForce has now listed IFAGE on its leak site, claiming 850 GB — an order of magnitude beyond the scope IFAGE described, and a specific actor attribution IFAGE itself never made (Inside IT, 2026-07-14). No IFAGE statement responding to the listing, and no second independent outlet corroborating the DragonForce name or the 850 GB figure, could be located as of this run.
Die Gruppe Dragonforce will 850 Gigabyte an Daten von Ifage erbeutet haben. Die Stiftung hatte bereits vor einem Abfluss sensibler Daten gewarnt.