Ransomware Group: CACTUS

VICTIM NAME: electrocraft[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the CACTUS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with ElectroCraft, Inc. highlights significant details about the company’s operations and exposed data. ElectroCraft, based in the USA, specializes in producing application-engineered fractional-horsepower motors and motion products, catering to a diverse range of industries, including automotive parts. The company’s annual revenue is reported at $190.1 million. While the website provides further insights into their offerings, the leaked information suggests that various sensitive data categories may have been compromised. The specifics of the data leak include insights into corporate confidential data, database backups, and projects, which could impact the company’s reputation and operational integrity.

The leak page indicates that 477GB of information has been exposed, with less than 1% disclosed publicly. Specific types of leaked data include personal identifiable information, engineering documents, contractual agreements, and private correspondence. This comprehensively indicates a serious breach of confidentiality that may affect not only the company’s operations but also various stakeholders involved with ElectroCraft. While the page mentioned the presence of download links, it has been specified that no active download links are available currently. Furthermore, the inclusion of multiple images suggests that visual evidence of compromised data might exist, although the nature of these images remains unspecified.