Ransomware victim disclosure
← All victimsGordon Industrial
listed as gordonindustrial.com · Claimed by Toufan · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
- Group
- Toufan
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Dec 19, 2023
About the victim
AI dossier — public-source company profileGordon Industrial (gordonindustrial.com) is a US-based industrial maintenance, repair, and operations (MRO) distributor headquartered in the Fresno, California area. The company supplies a broad range of industrial products including abrasives, bearings, adhesives, chains, sprockets, power transmission components, and chemicals to commercial and industrial customers. It operates an e-commerce platform allowing account-based purchasing across an extensive product catalog.
- Industry
- Industrial Supply & MRO Distribution
- Address
- Fresno, California, United States (phone 559-264-5931 indicates Fresno, CA area; full street address not stated)
Attack summary
Severity: medium — Data is marked as published by the group, indicating confirmed exfiltration; however, no leak post details, data size, or specific sensitive data categories (e.g., PII at scale, financial, medical) are confirmed from available evidence, limiting severity to medium.The Toufan ransomware group has listed Gordon Industrial with a 'data_published' status, indicating data has been exfiltrated and published. No leak post content was captured, so the specific data categories and scope of the disclosure cannot be fully assessed from available evidence.
Data the group says was taken
AI dossier — extracted from the leak post- Customer account data
- Business records
- Potentially internal operational documents
Sources
- Victim sitegordonindustrial.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

