Ransomware Group: INTERLOCK

VICTIM NAME: Eagle Builders

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INTERLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Eagle Builders, a company active in the construction industry. The incident was discovered on June 13, 2025, and involves a data breach that potentially exposed sensitive information related to the company’s operations. Eagle Builders is known for maintaining a strong safety program, emphasizing employee accountability and public safety, particularly within the field of precast concrete design, fabrication, and construction. The leak webpage includes a screenshot of internal information, indicating the presence of data that has been compromised or released by malicious actors. The attackers have set up a claim URL for affected parties to investigate or claim their data, which is hosted through an onion link on the dark web.

The volume of leaked information or files is not explicitly detailed, but the presence of a dedicated screenshot suggests the leak may contain visual evidence or internal documents. The breach was identified through a monitoring service that tracks ransomware activities, underscoring ongoing threats faced by construction and civil engineering entities. No specific Personally Identifiable Information (PII) or employee data appears to be explicitly disclosed in the publicly available summary. The incident highlights the growing cybersecurity concerns within the construction sector, especially related to vital infrastructure and safety protocols. Due to the dark web nature of this leak, affected parties are advised to follow appropriate security measures and monitor for any signs of further malicious activity.