Ransomware Group: DRAGONFORCE

VICTIM NAME: Memphis Millwork

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

Memphis Millwork, a US-based manufacturer specializing in commercial architectural millwork, is identified as the victim in a ransomware leak post. The leak page frames the incident as a data-leak event and lists the types of data allegedly exfiltrated as client data, accounting records, and internal documentation. The metadata indicates the post date (the leak page publish date) as September 26, 2025, with a precise timestamp. A claim URL is provided on the page for negotiation or verification, though the available data does not include any explicit ransom amount. The page contains no downloadable files or media assets, and there are zero images or screenshots present. The accompanying description offers background on Memphis Millwork’s business to contextualize the victim.

Regarding the compromise date, there is no explicit compromise date provided in the data; the post date is used as the release date for the leak page. The listed data categories imply exposure of sensitive business information, consistent with data-leak activity seen in ransomware campaigns, though no ransom figure is disclosed in the available data. The presence of a claim URL suggests that the attackers expect negotiation, but the absence of a stated monetary demand means no specific amount is reported here. The lack of images or attachments reinforces that this post is text-driven, signaling a breach and offering engagement rather than a disclosed payment figure. This incident underscores the ongoing risk to manufacturing firms that manage client data and internal records and highlights the importance of robust data protection and incident response planning.