Ransomware victim disclosure
← All victimsPrime Beverage Group
Claimed by Worldleaks · listed 11 months ago
Status timeline
- ListedAug 7, 2025
- Data leakeddate unknown
At a glance
- Group
- Worldleaks
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Aug 7, 2025
About the victim
AI dossier — public-source company profilePrime Beverage Group is a beverage co-packing facility based in Charlotte, NC, specializing in manufacturing, packaging, storage, blending, and distribution services for premium alcoholic and non-alcoholic beverages. The company operates a 900,000+ square-foot FDA-certified facility and serves customers across the East Coast and Midwest via integrated supply chain solutions.
- Industry
- Beverage Co-packing & Distribution
- Address
- Charlotte, NC, United States
Attack summary
Severity: medium — Data has been published by a ransomware group with disclosed status confirmed, but no proof files/screenshots are quantified in the available post, and no specific sensitive data categories (PII at scale, financial records, etc.) are explicitly mentioned. Impact is moderate due to confirmed publication but limited transparency on what was accessed.The worldleaks group claims to have breached Prime Beverage Group and published data. No specific details about encryption, exfiltration scope, or affected data types are provided in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Customer information
- Supply chain data
- Manufacturing documentation
Original description
AI-summarised, not from the leak postPrime Beverage Group is a private alcohol distribution company, recognized as a leader within the beverage industry and known for representing a diverse range of premium alcoholic beverages. It operates nationwide, offering customers a comprehensive services including effective sales, brand marketing and distribution. The group is committed to promoting responsible drinking practices.
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

