Tour Edge Data Breach

Alleged

Ransomware claim involving Tour Edge.

Published: Jun 30, 2026 Settra
Threat Level
High
Confidence: High

Quick Summary

Alleged
Company
Tour Edge
Industry
Business Services
Threat Actor
Settra
Date of Incident
Jun 30, 2026

Executive Summary

The RANSOMWARE group SETTRA has allegedly targeted Tour Edge, a US-based company operating in the hospitality and tourism sector. The group listed Tour Edge on its dark web portal on June 30, 2026, as part of a recent surge of attacks against US commercial organizations. This incident is identified through SOCRadar’s Dark Web Monitoring service.

Technical Analysis

SOCRadar’s analysis of stealer-log telemetry identified a minor exposure for the touredge.com domain, with four records of consumer and corporate accounts dating from December 2025 to February 2026. While the sample size is small and does not confirm Settra’s direct use of these credentials, the pattern of credential reuse with corporate email addresses is consistent with typical initial access vectors for ransomware groups such as Settra. This involves using credentials harvested by infostealers to gain access to corporate systems via Microsoft 365, VPNs, or remote access portals. CTI teams are advised to rotate exposed credentials, investigate affected endpoints for stealer activity, and implement ongoing credential monitoring.