Ransomware victim disclosure
← All victimsLink Reflective & Protective Designs
listed as LINKGROUP · Claimed by Arcusmedia · listed 1 year ago
Status timeline
- ListedMar 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Arcusmedia
- Status
- Data leaked
- Country
- South Africa
- Sector
- Financial Services
- Listed on leak site
- Mar 3, 2025
About the victim
AI dossier — public-source company profileLink Reflective & Protective Designs is a 100% Black female-owned uniform manufacturing company founded in 1998, specializing in traffic and EMS uniforms, reflective and rainwear, ceremonial garments, and ballistic body armour. Based in Johannesburg, South Africa, the company employs over 280 staff including machinists, marketers, sales representatives, and technicians.
- Industry
- Uniform Manufacturing & Personal Protective Equipment
- Address
- 44 Prairie Street, Oakdene, Johannesburg, South Africa
- Employees
- 280
- Founded
- 1998
Attack summary
Severity: medium — Data has been published by the ransomware operator, indicating confirmed exfiltration. However, the specific data types and scale are unclear from the available post; the company handles PPE and uniforms rather than highly regulated financial data, though employee PII may be at risk.Arcusmedia claims to have compromised Link Reflective & Protective Designs and has published data. No details are provided in the truncated leak post regarding the scope of exfiltration or encryption.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Employee information
- Customer data
- Manufacturing/design documentation
What the group claims
Hard landscaping including new patios, retaining walls, rockeries, decking,…
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

