[PLAY] – Ransomware Victim: Ebac
Ransomware Group: PLAY
VICTIM NAME: Ebac
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the PLAY Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The leak page pertains to a ransomware incident involving the manufacturing company Ebac, located in the United Kingdom. The attack was publicly disclosed on June 5, 2025, and the incident was discovered shortly thereafter. The event is associated with a cybercriminal group identified as “play,” which is known for targeting organizations across various sectors. The breach involved the compromise of the company’s data systems, potentially exposing sensitive operational information. The leak includes a screenshot of internal documents, indicating that data has been compromised and made accessible to threat actors.
Additionally, the page provides a claim URL hosted on the dark web, allowing interested parties or other malicious actors to verify the claim or access leaked data. Although no specific details about the nature of the data stolen are provided publicly, the presence of a dedicated leak page suggests a significant breach. Notably, the incident is linked to a known ransomware group and demonstrates the ongoing threat to manufacturing firms in the region. This case underscores the importance of cybersecurity measures for organizations handling critical infrastructure and internal data. The leak content and visuals imply that internal documentation may have been compromised, emphasizing the need for robust incident response protocols.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
