Ransomware Group: CICADA3301

VICTIM NAME: B&M – Expertise – Audit

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the CICADA3301 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to a cybersecurity incident involving a victim in France operating in the Business Services sector. The affected organization is identified as “B&M – Expertise – Audit.” The compromise was discovered on July 18, 2025, with the attack date also recorded as July 18, 2025. The threat group associated with this incident appears to be linked to the notorious hacking collective Cicada 3301. The compromised data size is approximately 233 GB, indicating a significant data breach. The page includes a screenshot showing internal visuals, possibly related to the data or the hacking operation.

The leak indicates the stolen information can be accessed through a known dark web claim URL, which suggests that the attackers are offering a way to verify the breach or potentially recover the data. The “status” listed indicates the leak has been active for over 20 days, emphasizing the ongoing nature of the incident at the time of discovery. No specific details about the stolen data, such as sensitive documents or personal information, are provided publicly, ensuring user privacy and avoiding exposure of PII. The attack appears to be a targeted breach impacting the victim’s business operations, with potential implications for client confidentiality and internal assessments.

The incident highlights the serious risks posed by ransomware groups linked to malicious hacking collectives and the importance of robust cybersecurity measures in safeguarding sensitive business data.