[WORLDLEAKS] – Ransomware Victim: TCI Doors
Ransomware Group: WORLDLEAKS
VICTIM NAME: TCI Doors
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The ransomware leak page pertains to TCI Doors, a family-owned business situated in the United States that specializes in manufacturing and distributing doors, including storm, patio, and steel entry doors. The breach was publicly disclosed on July 21, 2025, with the attack date recorded as July 20, 2025. The incident involves the unauthorized extraction of business information, which has been posted on a dark web leak site. The leaked content appears to include internal data that could potentially compromise the company’s operations or customer information. The leak page indicates that data is available for download, suggesting a data exfiltration incident.
The leak includes a screenshot of alleged internal documents related to TCI Doors, emphasizing the severity of the breach. The company’s website, tcidoors.com, is referenced in connection with the leak. No personal employee information or sensitive PII is explicitly mentioned, but the publication of internal documents on a dark web forum highlights the risk to business confidentiality. The incident underscores the importance of cybersecurity measures for manufacturing companies, especially those involved in logistical and product distribution activities. The leak’s disclosure aims to pressure the victim to negotiate or address the breach while informing the public of the potential security compromise.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
