[BLACKSHRANTAC] – Ransomware Victim: CCI Tax Pros, Inc

AI Generated Summary of the Ransomware Leak Page

On October 31, 2025, a leak page attributed to the ransomware group blackshrantac identifies the victim as CCI Tax Pros, Inc., a Virginia-based financial services firm that provides tax preparation and advisory services to individuals and small businesses. The post frames the incident as a data-leak event rather than a pure encryption breach, asserting that as much as 80GB of data has been exfiltrated and that the attackers may publish the material or offer it for sale, aligning with double-extortion ransomware patterns. The page highlights the firm’s service scope—tax planning, tax return preparation, audit representation, and business tax management—without detailing the breach’s technical aspects, and it references the victim’s public-facing site in defanged form as ccitaxpros[.]com.

The leak page also features a gallery of visuals described as 11 images (screenshots of internal documents or data assets) intended to corroborate the exfiltration claim, though the exact contents are not itemized. The defanged domain appears within the text as ccitaxpros[.]com, consistent with leak posts that reference a victim’s site. The data categories purportedly compromised include Personal Information (client names and Social Security numbers, among other contact details), Tax Filing Data, Tax Planning Data (including projections of future tax liabilities and investment plans), Audit History with supporting documents, Financial Consulting Data, and Business Services Data (such as payroll and regulatory data). Taken together, the post portrays a broad data-leak event with potential exposure to clients and the firm, suggesting the data could be released publicly or monetized if demands are not met.