Ransomware victim disclosure
← All victimsStone Hill Contracting Co., Inc.
listed as stonehillcontracting.com · Claimed by Abyss · listed 3 years ago
Status timeline
- ListedMar 21, 2023
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United States
- Sector
- Construction
- Listed on leak site
- Mar 21, 2023
- Data size
- 176 GB
About the victim
AI dossier — public-source company profileStone Hill Contracting Co., Inc. is an employee-owned construction company based in Doylestown, Pennsylvania, founded in 1981. The company specializes in the construction of water and wastewater treatment facilities, landfills, bridges, and water retention projects, serving private, public, and municipal clients throughout the Mid-Atlantic region of the United States. Stone Hill is also active in design-build construction and is a member of multiple industry associations including AWWA, DBIA, and WEF.
- Industry
- Water & Wastewater Infrastructure Construction
- Address
- PO Box 1370, Doylestown, PA 18901
- Founded
- 1981
Attack summary
Severity: high — 176 GB of data has been confirmed exfiltrated and published. The company works with public and municipal clients on critical water and wastewater infrastructure, meaning the data likely includes sensitive project details, employee PII, and municipal/government contract information, representing significant business and potentially sensitive infrastructure data.The Abyss ransomware group claims to have exfiltrated 176 GB of uncompressed data from Stone Hill Contracting Co., Inc., with the disclosed status indicating the data has been published. No ransom amount was stated.
Data the group says was taken
AI dossier — extracted from the leak post- Business/operational documents
- Project files
- Financial records
- Employee data
- Client/municipal contract records
What the group claims
Stone Hill Contracting, Inc. 176Gb uncompressed data
Sources
- Victim sitestonehillcontracting.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

