The Cactus Ransomware group has announced new breaches on their website, targeting companies in various industries. These allegations include a firearms distributor, an engineering consultancy, and an industrial manufacturing firm. Sensitive corporate and personal data are reportedly at risk.
AmChar Wholesale, Inc. (USA)
AmChar Wholesale, Inc., a firearms distributor with over 40 years of experience serving law enforcement agencies and independent dealers across the U.S., was named as one of the alleged victims. Based in Rochester, New York, the company generates $28.7 million in revenue and holds a significant position in the firearms industry. According to the ransomware group’s claims, the stolen data includes personal identifiable information (PII), financial documents, database backups, and customer details. Additionally, they allege that sensitive corporate correspondence and employee information were compromised.
KJ Tait Engineers (UK)
KJ Tait Engineers, a UK-based consultancy specializing in mechanical, electrical, and public health engineering services, was also listed among the victims. Operating from several locations in the UK, including Aberdeen, Cambridge, and London, the firm reportedly suffered a breach involving personal data of employees, customer information, and sensitive corporate documents. The firm, which earns approximately $18.8 million in revenue, is claimed to have had database backups, financial documents, and project drawings leaked.
Hindle Group (UK)
The third target identified by Cactus Ransomware is Hindle Group, an industrial machinery and equipment manufacturer based in Bradford, West Yorkshire. With revenue of $30.6 million, the group specializes in gears, gearboxes, and engine component manufacturing. The ransomware group claims to have stolen PII, contracts, financial data, and other sensitive corporate correspondence from Hindle Group.
The Cactus Ransomware group has posted download links on their onion site, offering access to what they claim is the compromised data, ranging from personal information to critical corporate contracts.
