Ransomware victim disclosure
← All victimsKuhnline
Claimed by Play · listed 6 days ago
Status timeline
- ListedJun 27, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileKuhnline.com is an IT support services company serving small businesses in the San Francisco Bay Area. They provide managed IT services including helpdesk support, network management, server administration, hosting, cloud services, security camera systems, and virtualization (VMware). The company has supported clients ranging from startups through acquisition phases, with some long-term relationships spanning 15+ years.
- Industry
- Information Technology Services & IT Support
- Address
- San Francisco Bay Area, CA, USA (weekly presence at 505 Sansome St, 353 Sacramento St, 555 Montgomery St, 150 Spear St, One Embarcadero Center, SF Financial District)
Attack summary
Severity: low — No proof files, screenshots, or data samples are mentioned. No specific claim of exfiltration or encryption is detailed. Only a bare listing/announcement in the group's leak post without substantiation.The Play ransomware group claims to have attacked Kuhnline. The group's leak post provides minimal detail; only the country 'United States' is noted. No specific details about encryption, exfiltration, or data types are stated in the available post excerpt.
What the group claims
United States
Sources
Source
Indexed 6 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

