Ransomware victim disclosure
← All victimsKinsey's Inc.
listed as kinseysinc.com · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedFeb 17, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Feb 17, 2025
- Ransom demanded
- $74.9M
- Estimated revenue
- $74.9M
About the victim
AI dossier — public-source company profileKinsey's Inc. is a wholesale distributor specializing in sporting goods and outdoor products, primarily serving archery, ammunition, and firearms retailers across the United States. Founded over 70 years ago, the company operates as a B2B distributor offering inventory management, logistics, and dealer services to brick-and-mortar and eCommerce retailers nationwide.
- Industry
- Sporting Goods & Outdoor Products Distribution
- Address
- 1660 Steel Way Dr, Mount Joy, Pennsylvania, 17552, United States
Attack summary
Severity: high — Confirmed exfiltration of sensitive data including PII at scale, financial records, HR/employee data, and customer information from a substantial company ($74.9M revenue). Multiple proof files published demonstrating access to financial statements and personal documents.Cactus group claims to have exfiltrated personal identifiable information, database backups, corporate financial and sales records, HR and IT department data, employee and executive personal documents, and customer information from Kinsey's Inc.
Data the group says was taken
AI dossier — extracted from the leak post- Personal identifiable information (PII)
- Database backups
- Financial documents and audit statements
- Sales records
- HR department data
- IT department data
- Employee personal documents
- Executive personal documents
- Customer data
- Corporate correspondence
The group's post references roughly 5 proof files.
What the group claims
<p>Retail.<br><br>“Kinseys Inc. is dedicated to providing programs and services that help sporting goods and outdoor businesses save money, enhance profits and build relationships. They serve brick-and-mortar and eCommerce retailers nationwide, focusing on four-season retailers who sell archery, ammunition, and firearms.”<br><br>Website: <a href="https://www.kinseysinc.com/">https://www.kinseysinc.com/</a><br><br>Revenue : $74.9M<br><br>Address: 1660 Steel Way Dr, Mount Joy, Pennsylvania, 17552, United States<br><br>Phone Number: (800) 366-4269<br><br><mark class="marker-yellow"><strong>Download link #1:</strong></mark> <a href="https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/KINSEY/PROOF/">https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/KINSEY/PROOF/</a><br><br><mark class="marker-yellow"><strong>Mirror:</strong></mark> <a href="https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/KINSEY/PROOF/">https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/KINSEY/PROOF/</a><br><br><mark class="marker-yellow"><strong>DATA DESCRIPTIONS:</strong></mark> Personal Identifiable information, database backups, corporate data: sales, financial docs, HR and IT dept data, employees and executives personal docs, customer data, corporate correspondence etc.</p><p><img src="/uploads/Audit_Financial_Statement_Final_Doc_6114a020de.png" alt="Audit Financial Statement - Final Doc.png"><img src="/uploads/Kinsey_Docs_5a526d6b35.png" alt="Kinsey Docs.png"><img src="/uploads/Cory_ID_3bf174937f.png" alt="Cory ID.png"><img src="/uploads/Joshua_Keller_Principal_db001703a4.png" alt="Joshua Keller - Principal.png"><img src="/uploads/Kinsey_s_Archery_Products_Inc_12_31_23_YE_FS_04_17_24_08aaaf096f.png" alt="Kinsey's Archery Products, Inc. 12.31.23 YE FS 04.17.24.png"></p>
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

