Ransomware victim disclosure
← All victimsEllison-Mills Contracting
listed as ellison-mills.com · Claimed by Chaos · listed 11 months ago
Status timeline
- ListedSep 1, 2025
- Data leakeddate unknown
At a glance
- Group
- Chaos
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Sep 1, 2025
About the victim
AI dossier — public-source company profileEllison-Mills Contracting is a family-oriented heavy civil construction company specializing in wet utility and roadway infrastructure in Southern Arizona. The company delivers multi-million-dollar projects across multiple delivery methods including CMAR, Design-Build, Job Order Contracts, and Design-Bid-Build. It operates out of offices in Casa Grande and Tucson, Arizona, serving municipal and tribal government clients.
- Industry
- Heavy Civil Construction & Wet Utility Infrastructure
- Address
- 3152 N. Lear Avenue, Suite 2, Casa Grande, AZ 85122
Attack summary
Severity: medium — Data has been published, indicating confirmed exfiltration rather than a mere listing; however, the leak post provides no detail on the type or scale of data involved, and there is no indication of regulated PII, medical, financial, or government classified data at scale.The Chaos ransomware group claims to have compromised Ellison-Mills Contracting and has published data (disclosed status: data_published), though the leak post does not explicitly detail whether encryption, exfiltration, or both occurred, nor does it specify the volume or nature of data stolen.
Data the group says was taken
AI dossier — extracted from the leak post- Company business records
- Project management documentation
- Client/contract information
- Employee records
What the group claims
Ellison-Mills Contracting is a family-oriented company specializing in wet utility and roadway infrastructure in Southern Arizona. They are committed to cultivating strong relationships with clients and team members while delivering quality construction management for various project types. With extensive experience in multimillion-dollar projects, the company prides itself on its ability to complete work on time and under budget across several contracting methods.
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

