Mercado Libre: Mercado Libre hit by ransomware attack

Mercado Libre: Mercado Libre hit by ransomware attack

Mercado Libre Hit by Ransomware Attack as The Gentlemen Expands Targets

Latin America’s leading e-commerce platform, Mercado Libre, has been listed as a victim of The Gentlemen, a prolific ransomware group active in 2026. The threat actor added the Argentine company to its dark web leak site, though it has not disclosed the nature of the stolen data or the attack vector.

Despite the breach claim, MercadoLibre.com remains operational with no visible disruptions. Founded in 1997 by Marcos Galperin, the company serves millions across 18 Latin American countries, offering e-commerce, digital payments (Mercado Pago), and logistics (Mercado Envíos). With nearly 85,000 employees, it is a critical player in the region’s digital economy.

The Gentlemen has rapidly escalated its operations this year, recently targeting Indra, a Spanish tech conglomerate, by breaching one of its subsidiaries. While Indra contained the incident, the group’s strategy focuses on high-value Western organizations in sectors like ICT, manufacturing, healthcare, energy, and logistics, pressuring victims to pay to avoid legal, operational, or reputational fallout.

Security researchers estimate the group has compromised over 300 victims globally in 2026 alone, underscoring its growing threat to enterprises. Mercado Libre has yet to confirm the extent of the breach or its response.

Source: https://www.escudodigital.com/en/cybersecurity/mercado-libre-hit-by-ransomware-attack.html

Mercado Libre TPRM report: https://www.rankiteo.com/company/mercadolibre

"id": "mer1783492030",
"linkid": "mercadolibre",
"type": "Ransomware",
"date": "7/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'E-commerce, Digital Payments, Logistics',
                        'location': 'Argentina (operates in 18 Latin American '
                                    'countries)',
                        'name': 'Mercado Libre',
                        'size': '85,000 employees',
                        'type': 'E-commerce platform'}],
 'description': 'Latin America’s leading e-commerce platform, Mercado Libre, '
                'has been listed as a victim of The Gentlemen, a prolific '
                'ransomware group active in 2026. The threat actor added the '
                'Argentine company to its dark web leak site, though it has '
                'not disclosed the nature of the stolen data or the attack '
                'vector. Despite the breach claim, MercadoLibre.com remains '
                'operational with no visible disruptions.',
 'impact': {'downtime': 'None (operational with no visible disruptions)'},
 'motivation': 'Financial gain, reputational/operational pressure',
 'references': [{'source': 'Cyber Incident Description'}],
 'threat_actor': 'The Gentlemen',
 'title': 'Mercado Libre Hit by Ransomware Attack as The Gentlemen Expands '
          'Targets',
 'type': 'Ransomware'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.