[KAIROS] – Ransomware Victim: ocbar[.]org/USA/114GB


NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the KAIROS Onion Dark Web Tor Blog page.

Ransomware group: KAIROS
Victim name: OCBAR[.]ORG/USA/114GB

AI Generated Summary of the Ransomware Leak Page

On October 20, 2025, a leak page identifies the victim as ocbar[.]org/USA/114GB, a defanged reference to the Orange County Bar Association (OCBA). The post frames the incident as a ransomware-driven data breach and asserts that roughly 114 GB of data was exfiltrated from the organization’s network. The metadata lists the post date as 2025-10-20 18:15:29.595752, which should be treated as the public disclosure date. The page notes a claim URL, indicating there is a path for a ransom or data-leak notification, but no explicit ransom amount is provided in the accessible data. The event is described as a data-leak scenario rather than encryption-only, with the 114GB figure embedded in the victim identifier reinforcing the claimed data volume. The industry field is not populated, but the description identifies the victim as the Orange County Bar Association, signaling a professional legal organization as the target.

The leak page contains a gallery of 15 images, described in the metadata as screenshots or internal documents intended as evidence of the breach. The presence of these visuals suggests the attackers aimed to substantiate their exfiltration claim, though specific content within the images is not detailed here. The body excerpt repeatedly references ocbar[.]org/USA/114GB and associated OCBA branding, reinforcing the victim attribution. While no ransom figure is disclosed in the data, the combination of a claim URL and a stated data volume aligns with common ransomware leak-site patterns that accompany data release or negotiation avenues. The dataset’s industry field remains unclear, but the accompanying description confirms the Orange County Bar Association as the victim.

PII elements such as addresses and phone numbers appear in the leak’s metadata but are redacted in this summary to protect privacy. The victim_name is preserved as provided, while other organizational names cited in the images or text are not discussed here in line with the instruction to focus on the stated victim. The 114GB data figure implies a substantial data exfiltration event, and the presence of 15 images indicates a substantial effort to document the breach visually. No downloadable payload is indicated in the metadata, and the post date remains October 20, 2025, which should be treated as the official publication date for the leak.
