Ransomware victim disclosure
← All victimsMassDevelopment
listed as massdevelopment.com\$24.6M\USA\1.2TB\100% DISCLOSED · Claimed by Cactus · listed 2 years ago
Status timeline
- ListedJan 10, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Sector
- Government
- Listed on leak site
- Jan 10, 2025
About the victim
AI dossier — public-source company profileMassDevelopment is a Massachusetts state agency that provides financing, real estate services, and community development solutions to support business growth, housing expansion, and municipal revitalization across the state. The organization offers flexible financing tools, bond issuance, tax credits, and real estate expertise to manufacturers, developers, nonprofits, banks, and municipalities.
- Industry
- Economic & Community Development
Attack summary
Severity: high — Confirmed data exfiltration of 1.2TB from a state government economic development agency with public disclosure. The victim is a public sector entity managing significant municipal and business development assets, representing both regulatory and reputational impact.The Cactus ransomware group claims to have attacked MassDevelopment and exfiltrated 1.2TB of data. The group has disclosed the data publicly (100% disclosed status), though no specific data categories or operational impact details are provided in the available information.
Data the group says was taken
AI dossier — extracted from the leak post- unspecified business records
- financing documentation
- real estate files
- government/municipal development data
Sources
- Victim sitemassdevelopment.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

