Ransomware Group: SAFEPAY

VICTIM NAME: aplusmachining[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a US-based manufacturing company specializing in precision CNC machining. The company offers services such as milling, turning, surface grinding, and wire EDM, serving industries including aerospace, automotive, and medical. The company’s website is identified as aplusmachining.com. The attack was discovered on May 17, 2025, and the breach involved an information security incident that has prompted malicious actors to publish a data leak. The leak includes a screenshot indicating the presence of potentially internal content or documents, though specific details are not disclosed publicly. The presence of download links or data leaks has been indicated by the attackers, but exact data is not available from the summary.

The page does not specify sensitive personal information or PII, focusing instead on the affected company’s operational details and industry focus. The attack appears to be part of a targeted effort against manufacturing companies in the United States, aiming to disrupt or threaten operations. The leak’s timestamp aligns closely with the discovery date, suggesting prompt publication following the breach. Additional technical or confidential company information is not publicly detailed, ensuring privacy and security of internal data. The screenshot provided hints at internal documentation or system interfaces, but no explicit content from these sources is visible in this summary.