Ransomware victim disclosure
← All victimsRocket Supply
listed as rocket-supply.com · Claimed by Toufan · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
- Group
- Toufan
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Dec 19, 2023
About the victim
AI dossier — public-source company profileRocket Supply is an industrial distributor located in Cincinnati, Ohio, serving Ohio, Kentucky, and Indiana since 1977. The company supplies cutting tools, abrasives, coolants, fasteners, PPE, and a broad range of manufacturing process materials. It operates an internal grind shop for custom tooling and is a division of Wulco, Inc.
- Industry
- Industrial Distribution & Manufacturing Supplies
- Address
- 6899 Steger Drive, Cincinnati, OH 45237
- Founded
- 1977
Attack summary
Severity: medium — Data is confirmed published by the group, indicating exfiltration occurred; however, the company is a regional industrial distributor with no indication of regulated data (medical, government, defence) at scale, and no data volume or sensitive data categories are confirmed from available evidence.The Toufan ransomware group claims an attack on Rocket Supply with a disclosed status of data_published, indicating data has been exfiltrated and published. No specific ransom demand or data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Customer records
- Order history
- Business contact information
- Internal operational data
- Potentially financial/procurement records
Sources
- Victim siterocket-supply.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

