CF Evans Construction (United States) reported a ransomware incident in which the dragonforce threat actor may have accessed sensitive company records including corporate correspondence, financial and HR documents, and accounting data, as well as certificates, contracts, passwords, and databases. The company, a long-standing leader in multi-family housing construction, saw business-critical information impacted in the affected country(s): #UnitedStates
Incident Details
- Victim: CF Evans Construction
- Sector: Construction
- Country: US
- Actor: dragonforce
- Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=b008b8b7-0e47-416f-adcd-2313d8136de4
- Discovered: 2026-05-08T21:23:28.869233+00:00
- Published: 2026-05-08T20:56:13.122134+00:00
Information
- Recognized leader in the multi-family housing construction industry, providing products for developers
- Has thrived for six decades
- Corporate correspondence of senior executives
- Financial documents
- HR documents
- Accounting documents
- Certificates
- Contracts
- Passwords
- Databases
- And much more
Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.