Ransomware victim disclosure
← All victimsRyan Harvie McEnery
Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedJun 5, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Financial Services
- Listed on leak site
- Jun 5, 2025
- Records
- 25 Employees
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileRyan Harvie McEnery is an accounting firm based in Australia providing taxation, superannuation, accountancy, and valuation services to businesses and individuals. The firm operates with fewer than 25 employees and generates annual revenue below $5 million.
- Industry
- Accounting & Tax Services
- Employees
- <25
Attack summary
Severity: high — Confirmed data exfiltration from accounting firm handling sensitive financial and tax information for multiple clients. Exposure of tax records, superannuation data, and client financial information represents significant PII and regulated data at scale across client base.BlackLock claims to have exfiltrated data from Ryan Harvie McEnery. The group has published data and disclosed the breach, indicating confirmed data exfiltration rather than encryption-only attack.
Data the group says was taken
AI dossier — extracted from the leak post- tax records
- superannuation documents
- financial records
- client accounting data
What the group claims
Accounting Services Australia <25 Employees Ryan Harvie McEnery offers businesses & individuals dedicated professional assistance with taxation, superannuation, accountancy & valuation services. Revenue <$5 Million
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

