Ransomware Group: SARCOMA

VICTIM NAME: Reece Noland & McElrath Engineers

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SARCOMA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Reece Noland & McElrath Engineers, a U.S.-based engineering firm specializing in design and consulting services for various sectors including education, healthcare, industrial, and commercial facilities. The breach was discovered on June 4, 2025, and involved a significant data leak estimated at 142 GB, indicating a substantial compromise of sensitive files and internal documents. The leak has been classified under the group “sarcoma,” and the compromised archive includes a variety of files related to the company’s engineering projects. No specific details about the type of data or individual information have been disclosed, but the leak suggests a potential exposure of proprietary or confidential information associated with their engineering services.

According to the information available, the leak features a large archive containing numerous files relevant to the company’s operations. The leak size is considerable, highlighting a significant breach of data security. The breach does not specify the exact nature of the leaked content beyond its general scope. The incident was publicly disseminated via a ransomware site, with the leak’s details illustrating the severity of the cyberattack against the engineering firm. There are no direct links or screenshots provided that reveal specific files, but the incident underscores the rising cyber threats faced by engineering and consulting companies. Efforts for incident response and remediation are advised, given the potential risks associated with such data exposure.

• The breach involved a substantial data archive of approximately 142 GB of information.
• The compromised data pertains to an engineering firm operating in the United States.
• The leak was publicly announced on June 4, 2025, indicating an active ransomware campaign targeting the company.
• No personal or sensitive individual PII has been explicitly mentioned in the leak summary.
• The leak could potentially expose proprietary project details and corporate data relevant to the company’s engineering activities.