donutleaks attacks Evo exhibits

Incident Date:

September 28, 2022

World map



donutleaks attacks Evo exhibits


Evo exhibits




Peru, USA

Indiana, USA

First Reported

September 28, 2022

Evo Exhibits Suffers Ransomware Attack by DonutLeaks

Company Overview

Evo Exhibits, a full-service provider of trade show exhibits, displays, and environments, specializes in hybrid exhibit solutions. These solutions, available for both rent and purchase, are designed to meet the diverse needs of their clients' trade show programs. With a team of dedicated experts, Evo Exhibits focuses on designing, creating, staging, and facilitating innovative trade show exhibits and experiences.

Vulnerabilities and Targeting

Ransomware attacks pose a significant cybersecurity risk, with Evo Exhibits being the latest victim of such threats. The ransomware group DonutLeaks targeted the company, likely exploiting vulnerabilities within Evo Exhibits' systems to encrypt files and demand a ransom for their release. The specific vulnerabilities and methods used in the attack have not been disclosed.

Impact and Response

The exact impact of the ransomware attack on Evo Exhibits remains unclear, including whether personal data breaches occurred or business operations were disrupted. Similarly, the company's response to the ransomware attack has not been detailed, leaving questions about how Evo Exhibits is addressing the incident and what steps are being taken to mitigate future risks.

The ransomware attack on Evo Exhibits by DonutLeaks underscores the persistent threat of cybercrime within the business services sector. It is imperative for companies to maintain vigilance and adopt comprehensive cybersecurity measures to safeguard against such attacks.


  • Evo Exhibits - Homepage:
  • Ransomware Posts - GitHub Pages: (Note: Specific URL for "Ransomware Posts" on GitHub Pages could not be located due to the generic nature of the provided link and the vast content hosted on GitHub.)

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.