Ransomware victim disclosure
← All victimsBrinkley Sargent Wiginton Architects
listed as bsw-architects.com · Claimed by Medusalocker · listed 3 years ago
Status timeline
- ListedApr 11, 2023
- Data leakeddate unknown
At a glance
- Group
- Medusalocker
- Status
- Data leaked
- Sector
- Business Services
- Listed on leak site
- Apr 11, 2023
About the victim
AI dossier — public-source company profileBrinkley Sargent Wiginton Architects is an award-winning architectural firm founded in 1975, headquartered in Dallas with offices in Austin, Houston, and Waco. The firm specializes in public sector design, including justice, public safety, recreation, higher education, and medical facility projects, with a combined heritage of 80 years of experience across two merged practices.
- Industry
- Architectural Services & Design
- Address
- 5000 Quorum Dr. Suite 600, Dallas, Texas 75254
- Founded
- 1975
Attack summary
Severity: high — Confirmed exfiltration of sensitive business data including client agreements, contracts, and project information from a firm handling public sector projects (courts, corrections, government facilities). This represents significant business and potentially client confidentiality exposure, particularly given the public sector nature of their clientele.MedusaLocker claims to have exfiltrated client case agreements, email messages (.msg files), contracts, and other business documents. The group is advertising the data for sale at $80,000 and indicates multiple projects, agreements, and contracts available for separate sale.
Data the group says was taken
AI dossier — extracted from the leak post- client case agreements
- email messages (.msg files)
- contracts
- business documents
- project files
What the group claims
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents PRICE-$80000 There are many projects, agreements and contracts that can be sold separately
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

