Ransomware Group: LYNX

VICTIM NAME: Royal Chemical

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LYNX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Royal Chemical Company, Ltd., a manufacturing firm specializing in the production of industrial, institutional, and household cleaning products. Headquartered in Twinsburg, Ohio, the company has been operational since 1938 and maintains multiple manufacturing plants across the United States, including locations in Ohio, Tennessee, Texas, California, and Pennsylvania. The attack was discovered on May 14, 2025, and the breach involved the unauthorized exfiltration of data, which has been publicly leaked as part of the ransomware operation’s published claims. The breach date recorded is May 11, 2025, indicating when the attack occurred.

The leak page features a screenshot potentially depicting internal documents or data related to the victim’s operations. While specific details of the compromised data are not disclosed publicly, the leak suggests that sensitive information, possibly related to its manufacturing processes or business operations, has been exposed. No personal or PII information is included, and the focus remains on the industrial nature of the victim. Download links or leaks of data are implied but not listed explicitly. The page is associated with the group identified as ‘lynx,’ a known ransomware actor. The company’s website is provided for reference, but no further technical specifics are included in the leak disclosure.