Ransomware victim disclosure
← All victimsKeizer's Collision Centre
listed as Keizer's Collision CSN & Automotive · Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedMay 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- Canada
- Sector
- Consumer Services
- Listed on leak site
- May 16, 2025
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileKeizer's Collision Centre is a family-owned licensed automotive repair shop operating for 35 years. The business operates multiple service locations under the Keizer's brand (tire, auto sales, collision centres) across Canada, with annual revenue exceeding $5 million.
- Industry
- Automotive Repair & Collision Services
- Founded
- 1989
Attack summary
Severity: medium — Data published status with exfiltration claim, but no specific sensitive data types (PII at scale, financial records, government IDs) confirmed in the leak post excerpt. Revenue >$5M indicates moderate business scale. Lack of detailed proof inventory or specific data categories limits severity assessment.BlackLock claims to have encrypted systems and exfiltrated data from Keizer's Collision Centre. The group has published the victim listing and claims to possess exfiltrated files, though specific data categories are not detailed in the available excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- customer records
- business files
- operational data
What the group claims
Keizer's Collision Centre has been a family run business for the last 35 years. We are a licensed automotive repair shop. Revenue > $5 Million
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

