Ransomware victim disclosure
← All victimsCeratec Surfaces
listed as ceratec.com · Claimed by Abyss · listed 1 year ago
Status timeline
- ListedMar 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- Canada
- Sector
- Technology
- Listed on leak site
- Mar 3, 2025
- Data size
- 29 GB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profileCeratec Surfaces is a Quebec-based company that sells home and commercial flooring products including vinyl and tiles, and offers installation systems. They serve consumers, architects, designers, and retailers with a range of porcelain tiles, vinyl planks, and installation materials.
- Industry
- Building Materials & Flooring
- Address
- Quebec, Canada
Attack summary
Severity: high — 700 GB of exfiltrated data from a commercial company with customer and business operations; data published on leak site with download links and passwords provided; likely contains customer and operational information.The Abyss group claims to have exfiltrated 700 GB of uncompressed data from Ceratec Surfaces. The post provides download links and a password but does not specify what data categories were accessed.
Data the group says was taken
AI dossier — extracted from the leak post- Business files
- Customer data
- Employee records
- Financial documents
- Product specifications
What the group claims
Based in Quebec, Canada, Ceratec Surfaces sells a variety of home and commercial flooring products such as vinyl and tiles, and offers installation systems.
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim siteceratec.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

