[BLACKSHRANTAC] – Ransomware Victim: Eligibility Tracking Calculators
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the BLACKSHRANTAC Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
On October 28, 2025, a ransomware leak post identifies Eligibility Tracking Calculators as the victim. ETC is described as a technology company that provides employee benefits management software for employers, insurance brokers, and CPA firms to track eligibility and ensure regulatory compliance. The post frames the event as a data breach resulting from a ransomware intrusion and claims that roughly 110GB of data was exfiltrated from ETC’s network. The leak page includes 31 image attachments—likely screenshots of internal documents or records—to illustrate the breach, though the exact contents of the images are not described in detail. The leaked materials are described as spanning multiple internal domains, including databases, applications, and documents, with statements that some data are sensitive, such as financial information and email credentials. A note on the page indicates that the data will be published and references a claim URL, though the actual link is not shown here. The United States is identified as the victim’s country, and the post date serves as the breach’s public disclosure date.
The page presents a claim of data exfiltration involving a large dataset estimated at 110GB and references 31 image files as evidence, described as screenshots of internal materials. PII such as email addresses is redacted in the leak details. The materials reportedly cover databases, software, and related documents across multiple internal areas, with a statement that some data are sensitive, including financial data and credentials. The leak notes that data may be published publicly and provides a claim URL to access the data (not shown in this summary). There is no explicit ransom figure listed in the accessible content, and the material does not clearly confirm encryption status beyond the exfiltration claim. The combination of image evidence, a substantial data footprint, and the stated intention to publish underscores the risk posture facing technology-sector organizations handling employee-benefits data.
Support Our Work
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.
