Ransomware Group: BLACKLOCK

VICTIM NAME: Riverdell Construction

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Riverdell Construction, a small-scale construction company specializing in luxury custom homes and high-end residential properties in Southern Oregon, United States. The company employs fewer than 25 staff members and generates annual revenues under five million dollars. The attack date is recorded as June 2, 2025, with the incident discovered shortly afterward, on the same day. The leak exposes certain data associated with the victim, though specific sensitive information has been redacted to protect privacy. The page includes a screenshot providing a visual overview of the incident and indicates the availability of a data download link on the dark web platform.

The compromised company operates within the construction industry, serving regions including Medford, Jacksonville, Ashland, and Applegate in Oregon. The disclosure does not specify the exact nature of the leaked data, but the presence of a download link suggests that internal documents, project files, or related information may have been compromised. No direct personal or employee-specific details are evident from the available information, and the leak appears to focus on business-related data. The visual representation included on the page indicates an attempt to communicate the breach’s scope and impact, although no graphic or explicit content details are provided.