Ransomware Group: SAFEPAY

VICTIM NAME: mooregiles[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware incident targeting Moore & Giles, a Virginia-based manufacturer specializing in luxury leather and home furnishings, was discovered on May 6, 2025. The company, founded in 1933 and engaged in high-end residential, hospitality, and aviation markets, experienced a cyberattack that compromised its digital infrastructure. The leak page provides limited information about the attack but indicates that the group responsible is associated with the “safepay” collective. A screenshot of the compromised systems is available, suggesting the presence of internal data or systems visualized for the public. No specific details about the extent of data leaked or the type of sensitive information stolen are included, but the incident raises concerns about cyber resilience in the manufacturing sector.

The leak page hints at possible data exposure, with references to infostealers and third-party involvements, although no concrete data or files are currently made available through the provided links. The victim operates within the US and specializes in high-quality design and distribution, emphasizing environmental accountability. The company’s website and external sources may have been targeted to disrupt business operations or tarnish reputation. Visual evidence in the form of a screenshot suggests that threat actors have possessive access to internal details but have refrained from releasing specific data publicly. Cybersecurity measures and vigilant monitoring are recommended for organizations in similar industries to mitigate such threats.