Ransomware victim disclosure
← All victimsKennedy Funding
Claimed by Eldorado · listed 2 years ago
Status timeline
- ListedNov 18, 2024
- Data leakeddate unknown
At a glance
- Group
- Eldorado
- Status
- Data leaked
- Country
- United States
- Sector
- Financial
- Listed on leak site
- Nov 18, 2024
- Ransom demanded
- $4B
About the victim
AI dossier — public-source company profileKennedy Funding is a nationwide direct private lender specializing in bridge loans for commercial property and land acquisition. The company claims industry-leading expertise with over $4 billion in closed loans across residential, commercial, and development projects.
- Industry
- Commercial Bridge Lending & Private Money Lending
Attack summary
Severity: high — Exfiltration of sensitive financial data including loan records, borrower information, and transaction details at significant scale ($4B+ portfolio referenced). This represents exposure of confidential business and client financial information in the lending sector.Eldorado claims to have exfiltrated data related to Kennedy Funding's loan portfolio and business operations. The group references the $4 billion in closed loans as part of the breach, suggesting access to loan records and transaction data.
Data the group says was taken
AI dossier — extracted from the leak post- Loan records
- Client transaction data
- Property acquisition details
- Borrower information
- Loan terms and agreements
What the group claims
Up to over $4 billion in closed loans. Kennedy Funding is a nationwide direct private lender specializing in bridge loans for commercial property and land acquisition.
Sources
- Victim sitekennedyfunding.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

