Ransomware victim disclosure
← All victimsKHS&S
listed as KHSS (You have 3 days) · Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedFeb 21, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Feb 21, 2024
About the victim
AI dossier — public-source company profileKHS&S is an international design-assist specialty building contractor specializing in interiors, exteriors, prefabricated components, themed environments, and specialty finishes for large-scale projects. Operating through six offices in Florida, Texas, and New Jersey, the company is ranked by ENR as a top-ten specialty wall and ceiling contractor and serves healthcare, aviation, gaming, entertainment, and venue markets.
- Industry
- Specialty Construction Contractor – Interior, Exterior & Themed Environments
- Address
- Multiple offices in Florida, Texas, and New Jersey (specific headquarters address not stated)
Attack summary
Severity: medium — Data has been published and the company operates in a sector handling sensitive project information for healthcare, aviation, and other sectors. However, the leak post does not detail specific regulated data (PII, medical records, financial records) or confirm exfiltration of particularly sensitive materials. The lack of ransom demand and limited disclosure details reduce severity from 'high'.ALPHV/BlackCat claims to have compromised KHS&S and published data. The group's post does not explicitly state encryption, exfiltration, or specific data types targeted, but the 'data_published' status indicates information has been disclosed.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Project information
- Client project details
- Internal systems/documents
What the group claims
KHS&S is transforming construction from a field-based industry to an industry of digital modeling, virtual project delivery, prefabrication and Lean construction. We are continuously rethinking how projects get built. Our focus is on creating project value, while remaining true to our corporate values that have driven us since our founding.
Sources
- Victim sitekhss.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

