Ransomware victim disclosure
← All victimsMBI International, Inc.
Claimed by Weyhro · listed 1 year ago
Status timeline
- ListedMar 6, 2025
- Data leakeddate unknown
At a glance
- Group
- Weyhro
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Mar 6, 2025
About the victim
AI dossier — public-source company profileMBI International, Inc. is a wholesale distributor of imaging supplies (toner, ink, drums, developer, fuser oil) for copiers, printers, and fax machines, operating since 1995. Based in Plaistow, New Hampshire, the company buys and sells surplus and new OEM imaging consumables through a worldwide supplier network.
- Industry
- Office Automation & Imaging Supplies Distribution
- Address
- 4 Wilder Drive Unit #7 & 9, Plaistow, New Hampshire 03865, U.S.A.
- Founded
- 1995
Attack summary
Severity: low — The leak post contains only an AI-generated generic description with no specific claims of data exfiltration, encryption, proof files, or operational impact. No sensitive data categories are mentioned.The weyhro group claims to have attacked MBI International, Inc. No specific details on encryption, exfiltration, or data types are provided in the leak post.
Original description
AI-summarised, not from the leak postMBI International, Inc. is a private investment firm based in the United States. It specializes in acquiring and developing companies in a variety of sectors, including real estate, retail, leisure, and technology. The firm often engages in partnerships with other companies and places an emphasis on innovative and high-growth potential businesses. MBI International, Inc. utilizes strategic planning and expert management to ensure the success of its investments.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

