Ransomware victim disclosure
← All victimswww.emeryair.net
Claimed by RansomHub · listed 1 year ago
Status timeline
- ListedFeb 26, 2025
- Data leakeddate unknown
At a glance
- Group
- RansomHub
- Status
- Data leaked
- Country
- United States
- Sector
- Transportation/Logistics
- Listed on leak site
- Feb 26, 2025
About the victim
AI dossier — public-source company profileEmery Air, Inc. is a full-service aviation company based in Rockford, Illinois, providing aircraft maintenance, charter services, ground handling, and fueling to private and commercial customers. The company has operated for over 50 years and serves as an FBO (Fixed Base Operator) and general aviation service provider.
- Industry
- Aviation Services & Ground Handling
- Address
- One Airport Circle, Rockford, IL 61109
Attack summary
Severity: medium — Data has been published by the threat actor, indicating confirmed exfiltration. However, no specific data types, volumes, or sensitive information categories are disclosed in the available post. Aviation company operational and customer data could include business-sensitive information, but without evidence of regulated data (PII at scale, financial records, etc.), severity is moderate.RansomHub claims to have conducted an attack on Emery Air. The leak post indicates data has been published, though the specific nature of the compromise (encryption, exfiltration, or both) and affected data types are not detailed in the provided excerpts.
Original description
AI-summarised, not from the leak postEmery Air is a full-service aviation company based in Rockford, Illinois offering a wide range of services like aircraft maintenance, charter services, aircraft ground handling and fueling. It caters to a diverse range of customers, from private aircraft owners to commercial airlines. Emery Air's expertise ensures quality and reliable service. It's been in operation for over 50 years and is a trusted name in the industry.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

