Ransomware Group: TEAMXXX

VICTIM NAME: ebberrestaurantgroup[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the TEAMXXX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware incident appears to involve the website of a hospitality and tourism organization, specifically an entity associated with the domain ebberrestaurantgroup.com. The attack date is recorded as June 1, 2025, indicating when the security breach occurred. The group responsible for the attack is identified as “teamxxx”. The ransomware leak page features a screenshot capturing internal documents or data, which is publicly accessible through a provided link. Although detailed information about the compromised data is not specified, the presence of a leak suggests that sensitive organizational information could have been exposed. The incident was discovered on June 10, 2025, and the attacker has provided a link for potential claim or negotiation purposes. The breach might involve data related to the organization’s employees or internal operations, but specific details are not disclosed.

The leak page does not contain explicit personal identifiers or PII, and its content has been summarized in a neutral manner. Visual evidence in the form of a screenshot indicates internal data or documents have been accessible, which may include operational or administrative information relevant to the victim’s business activities. The attack’s impact on the organization’s operations is inferred but not explicitly detailed. The organization operates within the hospitality and tourism industry, but further specifics about the scale or nature of the breach are not provided. The incident underscores the importance of robust cybersecurity measures to prevent data leaks and safeguard organizational and customer information.