Ransomware Group: PLAY

VICTIM NAME: Overhead Door of Nova Scotia

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the PLAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Overhead Door of Nova Scotia, a company operating in the construction industry based in Canada. The attack was discovered on May 12, 2025, and the breach appears to have occurred around the same date, highlighting recent malicious activity targeting this organization. The page features a screenshot illustrating the incident, which may include visual evidence of compromised data or internal systems. No specific sensitive information, such as PII or company details, has been publicly disclosed in the leak, and the site emphasizes that data has been leaked or potentially exposed. The leak page is accessible via a dark web link, associated with a group called “play,” indicating the possible involvement of a threat actor known by that handle.

The leak information suggests the attackers targeted the company’s network, extracting data related to its operations or internal documents. Despite the presence of the screenshot, no detailed data or files are explicitly shared in this summary, and the exact nature of the leaked information remains undisclosed. The site does not specify the volume of data compromised or the specific data types involved. Basic contextual details, such as the targeted company’s industry and geographic location, are provided, but no personally identifiable information is accessible. Overall, this incident underscores the persistent threat to infrastructure and construction sector firms from ransomware groups and highlights the importance of cybersecurity defenses.