Live Latest activity →
TE

termite

Known ransomware group ACTIVE
Currently active

Termite is a ransomware group first identified in late 2024 using a modified version of Babuk ransomware code; its most notable attack was the November 2024 breach of supply-chain software firm Blue Yonder, claiming 680 GB of exfiltrated data and disrupting major customers including Starbucks.

2

Total Claims

0

Critical

Records Claimed

2

Industries Hit

Active span: May 29, 2026 – Jun 8, 2026 · 2 organizations targeted

Currently active
Activity 3.0 Severity 2.5 Sectors 3.7 Tooling 0.0

Actor Threat Profile

Activity Timeline

Peak: May 2026 (1)
May 2026
LessMore
Jun 2026

Share this profile

Shareable intel card for termite

Top Targeted Industries

Agriculture and Food Production 1
Education 1

Tradecraft & Infrastructure

0

Documented tools

0 / 0

MITRE tactics / techniques

1

Known leak sites

Full intelligence profile on ransomware.live →

Targeted Organizations

Cal FreshUEI College

Claims by termite

Low

Ransomware Claim: Cal Fresh

Cal Fresh
termite
Ransomware Agriculture and Food Production
Jun 10, 2026
Low

Ransomware Claim: UEI College

UEI College
termite
Ransomware Education
May 31, 2026

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.