Ransomware Group: PLAY

VICTIM NAME: White Horse Packaging

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the PLAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a manufacturing company identified as White Horse Packaging, located in the United States. The attack was publicly disclosed on August 4, 2025, and the breach was detected shortly thereafter. The site includes a screenshot depicting internal documents or system interfaces, indicating potential data exfiltration or tampering related to the attack. Although specific details of the compromised data are not provided here, the presence of a dedicated leak page suggests the victim’s sensitive business information was targeted. The attackers have included a link to a claim URL on a dark web platform, which is typical for ransom negotiations or leak negotiations.

While the exact nature of compromised data is unspecified, the leak page indicates that information related to the company’s operations, possibly including confidential documents or internal communications, has been exposed. The activity type is classified under manufacturing, and the incident is linked to a known threat group called “play.” The publicly available information suggests that the attack was significant enough to warrant a public leak, potentially impacting the company’s operations or reputation. No personal or PII data appears to be disclosed in the available details. Security experts should consider this a serious incident that calls for further investigation and response planning.