Ransomware victim disclosure
← All victimsmidwayimporting.com\$43.7M\USA\915GB\100% DISCLOSED
Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 2, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States of America
- Sector
- Business Services
- Listed on leak site
- Mar 2, 2025
About the victim
AI dossier — public-source company profileMidway Importing is a leading distributor of trusted health and beauty care brands focused on Hispanic consumers across the United States. Operating for 33 years with 2 distribution centers (Houston and Los Angeles) and 37 sales offices, the company serves 44 states through mass market retailers, pharmacies, grocery stores, and wholesalers, employing approximately 300 people.
- Industry
- Health & Beauty Care Distribution
- Address
- 1807 Brittmoore Road, Houston, TX 77043
- Employees
- 300
- Founded
- 1991
Attack summary
Severity: high — Confirmed exfiltration of 915GB of data from a company handling significant customer and supplier information across retail and distribution networks. Scale of data and business sensitivity warrants high severity, though specific regulated data types are not explicitly confirmed.Cactus ransomware group claims to have compromised Midway Importing and exfiltrated data. The group indicates 100% disclosure of 915GB of data, though specific details of what was accessed or encrypted are not provided in available sources.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Customer data
- Supplier information
- Sales data
- Financial records
Sources
- Victim sitemidwayimporting.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

