diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 99cf3e7..10a40b1 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -12325,6 +12325,26 @@
       },
       "uuid": "3c2f534a-a898-4af6-b3e8-f2740c473de0",
       "value": "SiegedSec"
+    },
+    {
+      "description": "Ransomed.VC burst onto the scene with a well-orchestrated PR campaign, encompassing a clearnet site and multiple communication channels including Telegram and Twitter/X profiles. Their operations are heavily inclined towards exploiting GDPR penalties as a method of extortion, threatening victims with potential legal repercussions in case of data leaks.",
+      "meta": {
+        "aliases": [
+          "Ransomed.vc"
+        ],
+        "refs": [
+          "https://therecord.media/colonial-pipeline-attributes-ransomware-claims-to-unrelated-third-party-breach",
+          "https://socradar.io/on-the-horizon-ransomed-vc-ransomware-group-spotted-in-the-wild/",
+          "https://www.sentinelone.com/blog/sep-2023-cybercrime-update-new-ransomware-threats-and-the-rising-menace-of-telegram/",
+          "https://socradar.io/unmasking-usdod-the-enigma-of-the-cyber-realm/",
+          "https://www.videogameschronicle.com/news/a-ransomware-group-claims-to-have-beached-all-sony-systems/",
+          "https://securityaffairs.com/151550/data-breach/ransomed-vc-sony-ntt-alleged-attacks.html",
+          "https://blog.talosintelligence.com/threat-source-newsletter-sept-28-2023/",
+          "https://www.resecurity.com/blog/article/ransomedvc-in-the-spotlight-what-we-know-about-the-ransomware-group-targeting-major-japanese-businesses"
+        ]
+      },
+      "uuid": "f939b51d-32f9-41d9-8549-f00b2db104c7",
+      "value": "RansomVC"
     }
   ],
   "version": 289