[SAFEPAY] – Ransomware Victim: bannenbergandrowell[.]com

AI Generated Summary of the Ransomware Leak Page

The ransomware leak post tied to the domain bannenbergandrowell.com is attributed to the SAFEPAY group. The metadata shows a post date of 2025-10-24 21:22:44.232793, with a companion blog timestamp earlier on 2025-10-24 19:12. The leak page indicates a claim URL is present, but there are no image assets or downloadable files on the page (images_count and downloads_present are false). The victim is listed as located in the United Kingdom (GB). No explicit compromise date is provided beyond the post date, so this should be treated as the date of publication rather than a confirmed breach date. The entry aligns with a data-leak/extortion narrative commonly used by ransomware operators, though the page does not display any encrypted content or a ransom amount in the provided metadata.

According to the body excerpt accompanying the leak, the domain represents a London-based luxury design studio that specializes in exterior and interior design for high-end superyachts, offering full-service design for custom motor and sail yachts as well as residences for private clients and select lifestyle commissions. The description suggests a portfolio including large, high-profile exteriors and bespoke interiors developed in collaboration with major shipyards, and it characterizes the business as a boutique operation focused on ultra-high-net-worth projects. The excerpt notes revenue around $5 million and explains that public accounts are not published, with revenue described as variable and highly dependent on a small number of large commissions. While the page provides this context about the victim’s business, there is no stated data type or ransom demand in the post, and no screenshots or downloadable data accompany the page beyond the textual description.