Ransomware Group: BLACKLOCK

VICTIM NAME: Lumenation

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The presented ransomware leak concerns a company operating in the manufacturing sector based in Kentucky, United States. The victim is identified as a lighting sales agency serving Kentucky and southern Indiana, with a history dating back to 1960. The company has a small workforce with fewer than 25 employees and reports an annual revenue of less than five million dollars. The ransomware incident was publicly disclosed on June 3, 2025, with the compromise date also noted as June 3, 2025. The leak includes a claim URL where the affected data can be accessed, suggesting that sensitive information might have been leaked or is at risk of exposure.

The page features a screenshot depicting internal documents or data related to the company. No personally identifiable information or sensitive customer data is directly visible in the publicly available excerpt. The leak is associated with a group identified as “blacklock.” Additionally, a download link for impacted data is provided through an accessible URL, indicating the attacker’s intent to showcase or sell the stolen information. The leak’s severity and the scope of the data compromised remain unspecified but highlight the persistent threat posed to small manufacturing entities from ransomware groups. No further details on the specific data types or additional threat indicators are included in the overview.