Ransomware victim disclosure
← All victimsMDM Insurance Services Inc.
listed as mdm-insurance.com · Claimed by Abyss · listed 1 year ago
Status timeline
- ListedMar 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Financial Services
- Listed on leak site
- Mar 14, 2025
- Data size
- 29 GB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profileMDM Insurance Services Inc. offers a wide range of insurance products and services, including auto, home, and life insurance. The company operates under the domain mdm-insurance.com.
- Industry
- Insurance
Attack summary
Severity: critical — Confirmed exfiltration of large-scale sensitive data (2 TB) from an insurance company, which typically contains regulated PII, financial information, and policy details subject to strict data protection requirements.Abyss claims to have exfiltrated 2 TB of uncompressed data from MDM Insurance Services. The group has published the data on their leak site with password-protected archives.
Data the group says was taken
AI dossier — extracted from the leak post- customer records
- insurance policies
- financial data
- personal information
The group's post references roughly 3 proof files advertised (file list and 2 archive parts visible) proof files.
What the group claims
MDM Insurance Services Inc. offers a wide range of insurance products and services, including auto, home, and life insurance.
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim sitemdm-insurance.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

