Ransomware victim disclosure
← All victimsWest Chester Township
listed as West Chester · Claimed by Pear · listed 10 months ago
Status timeline
- ListedSep 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Pear
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Sep 14, 2025
About the victim
AI dossier — public-source company profileWest Chester Township is a charter township located in Butler County, Ohio, and is the most populous township in the state with a population of 65,242 per the 2020 census. It provides municipal services including administration, public safety, parks, and community development to residents in the greater Cincinnati metropolitan area. The township is governed by an elected Board of Trustees and operates through a professional administrative staff.
- Industry
- Local Government / Municipal Township Administration
- Address
- 9113 Cincinnati-Dayton Rd, West Chester Township, OH 45069, United States
- Employees
- 51-200
Attack summary
Severity: high — The victim is a local government entity serving over 65,000 residents; data_published status confirms exfiltration has occurred, likely including citizen PII, personnel records, and sensitive municipal data, which elevates severity to high. Critical would require confirmed regulated data (e.g., medical or financial records at scale) explicitly evidenced.The ransomware group 'pear' claims to have attacked West Chester Township and has published data (disclosed status: data_published), suggesting exfiltration of township records; no ransom amount or specific data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Township administrative records
- Resident/citizen PII
- Government personnel records
- Public safety records
- Financial/budget documents
What the group claims
West Chester Township is the most populous township in Ohio, with a population of 65,242 according to the 2020 census
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

