Ransomware victim disclosure
← All victimsMetropolitan Adjustment Bureau
Claimed by Chaos · listed 8 months ago
Status timeline
- ListedNov 13, 2025
- Data leakeddate unknown
At a glance
- Group
- Chaos
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Nov 13, 2025
About the victim
AI dossier — public-source company profileMetropolitan Adjustment Bureau is a public insurance adjusting firm based in Los Angeles, California, founded in 1972. The company represents homeowners and businesses in insurance claims related to fire, water, earthquake, theft, vandalism, and other disaster damage, handling residential and commercial claims across the region. They operate on a contingency-fee basis and specialize in negotiating settlements with insurance carriers on behalf of policyholders.
- Industry
- Public Insurance Adjusting
- Address
- Los Angeles, CA (serving greater Los Angeles area; headquartered in the San Fernando Valley based on 818 area code)
- Employees
- 1-10
- Founded
- 1972
Attack summary
Severity: high — Data has been published (not merely listed), and the nature of the business — handling insurance claims for homeowners and businesses — means records likely contain significant PII, financial data, property details, and sensitive client correspondence at scale across 50+ years of operations.The Chaos ransomware group claims to have attacked Metropolitan Adjustment Bureau and has published data (disclosed status: data_published), though the leak post does not specify the volume of data exfiltrated or whether encryption was also performed.
Data the group says was taken
AI dossier — extracted from the leak post- Insurance claim files
- Client personal information (PII)
- Property damage assessments
- Financial settlement records
- Business correspondence
- Insurance policy documentation
What the group claims
Metropolitan Adjustment Bureau is a public insurance adjusting firm with over 50 years of experience assisting homeowners and businesses with insurance claims related to fire, water, earthquake, and disaster damage.
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

