Ransomware victim disclosure
← All victimsAWI Management Corporation
listed as awimc.com\$102.7M\USA\440GB\<1% DISCLOSED · Claimed by Cactus · listed 2 years ago
Status timeline
- ListedDec 23, 2024
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Dec 23, 2024
About the victim
AI dossier — public-source company profileAWI Management Corporation is a property management firm specializing in affordable housing across California, Arizona, and Hawaii. Since 2007, they have managed 217 properties comprising 11,000 residential units serving approximately 25,000 residents, with expertise in regulatory compliance for USDA, HUD, and tax credit programs.
- Industry
- Affordable Housing Property Management
- Address
- Corporate Offices, location not fully specified in excerpt (phone: 530-745-6170)
- Founded
- 2007
Attack summary
Severity: high — Confirmed data exfiltration of 440 GB with published disclosure. Property management firms hold sensitive resident PII, financial records, and regulatory documentation affecting 25,000+ residents across multiple properties. Scale and nature of data (affordable housing context implies vulnerable populations) elevates severity despite lack of explicit proof count details.Cactus group claims to have attacked AWI Management Corporation and exfiltrated approximately 440 GB of data. The group has published data as indicated by the 'data_published' disclosure status, though the specific nature of exfiltrated data is not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Property management records
- Resident/tenant information
- Financial records
- Regulatory compliance documentation
- Operational data
Sources
- Victim siteawimc.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

