Ransomware Group: INTERLOCK

VICTIM NAME: Janco Steel

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INTERLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to Janco Steel, a Canadian manufacturing company specializing in steel processing. The breach was discovered on May 1, 2025, approximately one minute after it was detected, indicating a recent compromise. The leak page indicates that sensitive information relevant to the company’s operations may have been exposed. Visual evidence includes a screenshot displaying internal documents or system information, suggesting the hackers gained access to significant internal data. The leak is associated with a group named “interlock,” and the attack targeted the company’s infrastructure with potential access to data related to employee details, business operations, or internal communications. No specific personal or customer data appears to be directly disclosed in the available information. Download links or data leaks are referenced, offering data sharing options for the group.

Janco Steel is a prominent steel service center owned and operated by a Canadian family, serving clients across Canada and the United States. The company emphasizes safety, quality, and strong business partnerships. The breach has compromised this company’s operational data, which could impact its business relationships and internal processes. The leaked content includes a screenshot of internal documents, though the exact details remain unspecified. The leak site provides a URL for further information or access, but no personally identifiable information (PII) or sensitive employee data is explicitly mentioned in the publicly available summary. The attack’s technical details and extent of the data exposure are not fully disclosed, but the incident highlights vulnerabilities within manufacturing sector cybersecurity defenses.