Ransomware victim disclosure
← All victimsQUILTCRAFT
Claimed by Frag · listed 1 year ago
Status timeline
- ListedMar 24, 2025
- Data leakeddate unknown
At a glance
- Group
- Frag
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Mar 24, 2025
About the victim
AI dossier — public-source company profileQuiltcraft is a manufacturer of window treatments and bedding products for the healthcare, hospitality, and commercial industries, founded in 1986. They specialize in draperies, cubical curtains, roller shades, wall upholstery, roman shades, and pillows, serving major hotel chains and commercial clients across the United States.
- Industry
- Hospitality Textiles & Window Treatments
- Founded
- 1986
Attack summary
Severity: critical — Confirmed exfiltration of highly sensitive regulated data including PII at scale (SSNs, driving licenses, medical records, employee/client contact info), which includes medical data and government identifiers.The frag group claims to have exfiltrated partnership agreements, licenses, contracts, employee and client contact information, HR documents, driving licenses, immunization records, and social security numbers for both employees and clients.
Data the group says was taken
AI dossier — extracted from the leak post- Partnership agreements
- Business licenses
- Contracts
- Employee contact information
- Client contact information
- HR documents
- Driving licenses
- Medical immunization records
- Social security numbers
What the group claims
Household Goods Quiltcraft offers an extensive line of products and services for the healthcare, hospitality and commercial industries from draperies and cubical curtains to roller shades and wall upholstery. Our team was successful in extracting the following documents: Partnership agreements, licenses and contracts Contact information of clients and employees HR documents The icing on the cake: Driving licenses Immunization medical documents Employee and clients social security numbers
Sources
- Victim sitequiltcraft.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

