Ransomware Group: PLAY

VICTIM NAME: FormWood Industries

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the PLAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to FormWood Industries, a manufacturing company based in the United States. The attack was identified and disclosed on July 12, 2025, with the compromise date listed as July 11, 2025. The leak includes a screenshot depicting internal documents or data, suggesting significant information exposure. The incident is part of a broader group known as “play.” No specific details regarding the type of data compromised are provided, but the presence of leaked information indicates a breach of sensitive company data. The leak page includes a link to a claim URL on the dark web where further details or proof of data theft might be available.

The webpage features visual evidence in the form of a screenshot, which appears to display confidential internal information or documents related to the victim organization. No additional information about specific compromised systems, types of data, or inherent threats is disclosed. The attack’s timing suggests recent activity, with the incident marking a significant cybersecurity event for this manufacturing company. No personally identifiable information or sensitive company identifiers are publicly visible in the leak, maintaining confidentiality of individual and corporate identities. The report underscores the importance of proactive security measures to prevent similar threats in the manufacturing sector.