Ransomware victim disclosure
← All victimsFirst Baptist Church
Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedMay 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- May 16, 2025
- Records
- 25 Employees
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileFirst Baptist Church of High Springs is a Southern Baptist Convention-affiliated church located in High Springs, Florida. It serves the local community with worship services, ministries for all age groups (infants through seniors), and religious education programs.
- Industry
- Religious Organizations & Services
- Address
- 20112 N US HWY 441, High Springs, FL 32643
- Employees
- <25
Attack summary
Severity: medium — Religious organization with <25 employees; ransomware attack with exfiltration claim but no proof files or data sample published in the excerpt; potential exposure of congregant PII and financial data raises concern but scale and sensitivity are moderate given organization type and size.BlackLock claims to have attacked First Baptist Church and exfiltrated data, demanding a $5M ransom. The specific data categories targeted are not detailed in the available post.
Data the group says was taken
AI dossier — extracted from the leak post- Church membership records
- Financial records
- Donor information
- Personnel files
What the group claims
Organizations · Florida, United States <25 Employees First Baptist Church of High Springs maintains an affiliation with the Southern Baptist Convention. Revenue < $5 Million
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

