CF Construction Ltd. has been targeted by the threat actor incransom, who has claimed to have access to sensitive files including financial documents, operational materials, confidential data, and personal information, which will soon be publicly available. The affected country is Canada.
Incident Details
- Victim: CF Construction Ltd
- Country: CA
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/687612c8c7b82dfe0b065da1
- Discovered: 2025-07-15 09:17:35.419350
- Published: 2025-07-15 07:07:00.000000
Information
- A list of files related to various aspects of the companyβs business will soon be available.
- Includes financial documents such as Accounting-AP, Credit, Financial, Payroll, and Tax records.
- Contains administrative and operational materials, including ADMINISTRATION ITEMS and Operations-Management documents.
- Encompasses confidential data, including Confidential, Personal, and Private files.
- Features contractor and vendor documents, such as Subcontractors and SUPPLIERS files.
- Several non-disclosure agreements (NDAs) with various organizations are included, involving CF Construction, MAESTRO TECHNOLOGIES, ACR-Stirling McArthur, Spira, and others.
- Personal information such as passports, credit cards, and similar data are also part of the compromised files.
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.