Ransomware victim disclosure
← All victimsVan Wingerden Greenhouses
listed as vanwingerden.com · Claimed by Abyss · listed 2 years ago
Status timeline
- ListedFeb 14, 2024
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Feb 14, 2024
- Data size
- 337 GB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profileVan Wingerden Greenhouses is a wholesale greenhouse operator based in the Pacific Northwest, specializing in growing premium quality annuals, perennials, hanging baskets, poinsettias, and tropicals for wholesale customers. Founded in 1980, the company also operates fundraising programs for nonprofits and community organizations across the region.
- Industry
- Horticulture & Wholesale Greenhouse Operations
- Founded
- 1980
Attack summary
Severity: medium — Confirmed data exfiltration of substantial volume (337 GB) from a legitimate business, but no regulated/sensitive data categories explicitly mentioned and no proof files displayed specific to this victim in the leak post.The Abyss group claims to have exfiltrated 337 GB of uncompressed data from Van Wingerden Greenhouses. The leak post does not specify what categories of data were targeted or provide direct proof files specific to this victim.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Operational data
- Customer information
- Internal systems data
What the group claims
vanwingerden.com 337Gb uncompressed data
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim sitevanwingerden.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

