Ransomware victim disclosure
← All victimsWhatcom County Library System
Claimed by Unsafeleak · listed 4 years ago
Status timeline
- ListedDec 21, 2022
- Data leakeddate unknown
At a glance
- Group
- Unsafeleak
- Status
- Data leaked
- Country
- United States
- Sector
- Government
- Listed on leak site
- Dec 21, 2022
- Estimated revenue
- $7.00M
About the victim
AI dossier — public-source company profileWhatcom County Library System (WCLS) is a public library network serving Whatcom County, Washington, USA. It operates multiple branch locations including Blaine, Deming, Everson, Ferndale, and others, as well as a Bookmobile and mobile services. WCLS provides books, digital content, community programs, and various lending services to county residents.
- Industry
- Public Library System
- Address
- 610 3rd Street, Blaine, WA 98230 (headquarters branch listed first; administrative offices not explicitly stated)
Attack summary
Severity: high — This is a government/public sector entity with data_published status, meaning exfiltrated data has been released. A public library system holds patron PII (library card holders, borrowing records, contact details), staff records, and potentially sensitive community data. Publication of this data constitutes confirmed exfiltration of a government entity's records with likely PII exposure.The group 'Unsafeleak' claims to have obtained data from Whatcom County Library System and has published it (disclosed status: data_published). The leak post provides no explicit detail on encryption or specific data categories, but the data is listed as published with a noted revenue figure of approximately $7 million.
Data the group says was taken
AI dossier — extracted from the leak post- Organizational financial data
- Potentially patron/staff records
What the group claims
country: US - revenue: 7.00M
Sources
- Victim sitewcls.org
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

