The Sinobi ransomware group has allegedly claimed responsibility for a cyberattack against Melwood, a major non-profit organization based in the United States. The claim was posted on the threat actor’s data leak site on September 8, 2025. Melwood is renowned as one of the nation’s leading advocates, service providers, and employers for people with disabilities. The organization provides essential services, including employment, job training, and life skills support, to more than 3,000 people annually throughout Washington D.C., Maryland, and Virginia.
The ransomware group’s publication indicates that the data obtained from Melwood’s network is currently “Encrypted,” suggesting that the files have been stolen and are being held for a ransom. While the post does not specify the types of data exfiltrated, a successful breach could expose the sensitive personal information of the vulnerable individuals and their caregivers that the organization serves. This incident highlights the growing threat ransomware poses to critical non-profit organizations that manage highly confidential data.
