Ransomware victim disclosure
← All victimsRush Energy Services Inc [Time's up]
Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedFeb 15, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- Canada
- Sector
- Energy
- Listed on leak site
- Feb 15, 2024
About the victim
AI dossier — public-source company profileRush Energy Services Inc. is a privately held company headquartered in Calgary, Alberta, specializing in custom crude oil treating and water management facilities throughout Western Canada. They provide emulsion processing, water disposal, pipeline-connected terminalling, and logistics services to oil and gas producers.
- Industry
- Oil & Gas Services — Crude Oil Treatment & Water Management
- Address
- Suite 700, 1816 Crowchild Trail NW, Calgary, AB T2M 3Y7, Canada
Attack summary
Severity: high — Confirmed data exfiltration by a major ransomware group (ALPHV/BlackCat) affecting critical infrastructure in the energy sector; operational disruption to crude oil and water management services poses downstream risk to oil & gas production.ALPHV/BlackCat claims to have compromised Rush Energy Services Inc. The group has published data from the victim, though specific details on encryption status or exfiltration scope are not elaborated in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business operations data
- Facility information
- Client/producer records
- Operational communications
What the group claims
Rush Energy Services Inc. develops a network of crude oil custom treating and water management facilities throughout Western Canada
Sources
- Victim siterushenergyservices.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

