Ransomware victim disclosure
← All victimsLinney
Claimed by Dunghill · listed 1 year ago
Status timeline
- ListedApr 27, 2025
- Data leakeddate unknown
At a glance
- Group
- Dunghill
- Status
- Data leaked
- Country
- United Kingdom
- Listed on leak site
- Apr 27, 2025
About the victim
AI dossier — public-source company profileLinney is a sixth-generation marketing services group founded in 1851, headquartered in Mansfield, UK. They provide multichannel marketing solutions including graphic design, brand strategy, copywriting, social media, web design, video production, and analytics. Major clients include McDonald's (for over a decade) and Starbucks.
- Industry
- Marketing Services & Creative Agency
- Address
- Adamsway, Mansfield, Nottinghamshire, NG18 4FW, United Kingdom
- Founded
- 1851
Attack summary
Severity: medium — Confirmed data exfiltration of a marketing services firm with access to sensitive client campaign details and strategic information (McDonald's, Starbucks); however, no specific regulated data categories (PII, financial records, medical data) are mentioned. No proof files are advertised in the truncated post.The dunghill group claims to have breached Linney and exfiltrated data. The leak post does not specify what data categories were accessed or the scope of exfiltration.
Data the group says was taken
AI dossier — extracted from the leak post- Client project files
- Marketing campaign materials
- Brand strategy documents
- Client communications
What the group claims
Linney is a sixth generation, world-class, multichannel marketing services group. It offers graphic design, brand strategy, copywriting, social media campaigns, website design and build, data analysis, content scheduling, prototyping, eCommerce integrations, film editing and video production, reporting and analytics, and other solutions. For more than a decade, Linney has produced and managed marketing campaigns within McDonald's restaurants. The company is currently preparing a marketing campaign for Starbucks in the spring of 2025.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

