Ransomware Group: BLACKSUIT

VICTIM NAME: Inns of Aurora

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKSUIT Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a hospitality and tourism business known as “Inns of Aurora,” located in the United States. The attack was publicly disclosed on May 29, 2025, with the breach confirmed shortly thereafter. The scene of the data leak includes a screenshot, which appears to illustrate internal documents or data. Although specific details about the compromised information are not disclosed, the page suggests that sensitive data associated with the victim has been accessed or exfiltrated by cybercriminals.

The threat actor group identified as “blacksuit” claims responsibility for the attack. The page provides a claim URL hosted on the dark web, indicating the victim’s data is being offered for potential download or exposure. The breach involves a data leak likely involving customer or internal business information, although explicit data types are not detailed publicly. As of the discovery date, the attacker appears to have successfully infiltrated the victim’s systems, highlighting ongoing cybersecurity risks facing the hospitality sector. No specific breach contents or type of stolen data are publicly specified beyond the existence of the leak.