Ransomware victim disclosure
← All victimsNational Sign corp
Claimed by Hunters International · listed 1 year ago
Status timeline
- ListedApr 4, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Apr 4, 2025
About the victim
AI dossier — public-source company profileNational Sign Corporation, established in 1993, designs, manufactures, installs, and maintains branding programs (signage) for regional and national clients across North America. The company operates multiple offices and maintains a network of over 200 installers to execute projects of any scale, providing 24/7 maintenance services.
- Industry
- Sign Manufacturing & Installation
- Address
- 780 Four Rod Road, Berlin, CT 06037, United States
- Employees
- 201-500
- Founded
- 1993
Attack summary
Severity: medium — Confirmed exfiltration with encryption claimed, but no specific sensitive data categories (PII, financial, regulated) are detailed in the post. No proof file count is advertised. Impact is significant for a mid-sized manufacturing/service company but lacks indicators of critical infrastructure disruption or regulated data at scale.Hunters International claims to have exfiltrated data from National Sign Corporation. The group states both data exfiltration and encryption occurred, though specific data types are not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- client data
- project information
- employee records
What the group claims
Exfiltraded data : yes - Encrypted data : yes
Sources
- Victim sitenationalsign.net
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

