Ransomware Group: INTERLOCK

VICTIM NAME: Your Building Centers

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INTERLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to a construction industry entity named Your Building Centers, a longstanding company based in Pennsylvania, United States. The breach was discovered on July 4, 2025, with the attack occurring shortly before that date. The affected organization operates multiple locations and has a rich history dating back to the early 1900s, serving contractors, builders, and DIY enthusiasts with building supplies. The leak page indicates that cybercriminals targeted the company’s data, and a screenshot included with the leak shows a visual record of some of the compromised resources. The leak may contain sensitive internal information, though explicit details are not provided in the summary.

The breach was associated with a group named “interlock,” and the incident involved the deployment of an infostealer—software designed to collect confidential information from the compromised systems. Although there is no indication of the presence of malware involving third-party domains or employee data, the release suggests potential exposure of internal data. The company’s website, ybconline.com, is linked to the incident, and the leak includes a visual screenshot of some internal content. The leak page also provides a disarmed URL, possibly referencing how the breach can be further investigated or verified. No specific sensitive information such as PII has been disclosed here, but the leak indicates a significant cybersecurity incident for the company.