The Play ransomware group claims to have breached several new organizations across the United States and Canada. The group, known for its double-extortion tactics, has listed these companies on its dark web leak site, threatening to publish proprietary data if its demands are not met.
The latest list of alleged victims posted by the group includes:
-
Highmark Companies (🇺🇸): A real estate and construction development firm based in the United States.
-
N C Machinery (🇺🇸): A certified Caterpillar dealer providing heavy equipment sales, parts, and service in the Pacific Northwest.
-
One Source Associates (🇺🇸): A manufacturers’ representative agency serving the electrical, lighting, and construction industries.
-
Artesian Insurance (🇨🇦): An insurance brokerage offering commercial, farm, and personal coverage.
-
Applied Energy Systems (🇺🇸): A provider of high-purity gas delivery systems and equipment for high-tech industries.
-
Radio Sound (🇺🇸): A company specializing in the engineering and manufacturing of audio and communication products.
The group has scheduled the publication of the allegedly stolen data for November 23 and November 24, 2025.












