Ransomware victim disclosure
← All victimsSmith Industrial Supply
listed as shop.smithindustrialsupply.com · Claimed by Toufan · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
- Group
- Toufan
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Dec 19, 2023
About the victim
AI dossier — public-source company profileSmith Industrial Supply is a family-owned and operated business supplying tools, equipment, and supplies to the metalworking and marine industries. With over 6,000 items in stock, the company serves as a one-stop shop for hand tools, cutting tools, hydraulic, pneumatic, and power tools, abrasives, and related supplies. They also specialize in sourcing hard-to-get or specialty items.
- Industry
- Industrial Tools & Supply Distribution
Attack summary
Severity: medium — Data is listed as published by the group, suggesting confirmed exfiltration, but no details on volume, nature of data, or proof files are available. The company operates an e-commerce platform with registered user accounts, implying potential exposure of customer PII and order data, but scale and sensitivity cannot be confirmed from available evidence.The Toufan ransomware group claims to have attacked Smith Industrial Supply, with the disclosure status listed as data_published, indicating data has been released. No leak post details, ransom amount, or data size were captured.
Data the group says was taken
AI dossier — extracted from the leak post- Customer account data
- Order history
- Contact information
- Registered user records
Sources
- Victim siteshop.smithindustrialsupply.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

