Ransomware victim disclosure
← All victimsTri State Electric
Claimed by Ransomhouse · listed 1 year ago
Status timeline
- ListedMay 20, 2025
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- United States
- Sector
- Energy
- Listed on leak site
- May 20, 2025
- Data size
- 743 GB
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileTri-State Electric is a full-service electrical contractor based in El Paso/Las Cruces area (Texas) with over 50 years of experience. They specialize in high-voltage systems (64 kV and above), low-voltage installations, telecom, security, and fire alarm systems for commercial, utility, and government projects. The company is fully insured and bonded for projects up to $95 million.
- Industry
- Electrical Contracting & Infrastructure
- Address
- 530 Valley Chile Rd. Vinton, Texas, 79821
Attack summary
Severity: high — Confirmed exfiltration of 743 GB of data from a critical infrastructure contractor (electrical utilities) with government contracts; operational disruption to an electrical services provider affects regional infrastructure. Data likely includes sensitive project details, employee PII, and client information.Ransomhouse claims to have encrypted Tri-State Electric's systems and exfiltrated 743 GB of data. The group lists the victim among multiple disclosed cases with proof-of-access claims.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Project documentation
- Employee information
- Client contracts
- Financial data
What the group claims
Tri-State Electric is a full service electrical contractor company, servicing the Sun City region with a proven track record of delivering on time and on budget electrical installations. We can perform and comfortably manage any job electrically.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

