Ransomware victim disclosure
← All victimsMetropolitan Club DC
Claimed by Ransomedvc · listed 3 years ago
Status timeline
- ListedAug 27, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomedvc
- Status
- Data leaked
- Country
- United States
- Sector
- Hospitality
- Listed on leak site
- Aug 27, 2023
- Data size
- 2.1 TB
About the victim
AI dossier — public-source company profileThe Metropolitan Club of the City of Washington is a historic private members' club located at 1700 H Street NW in Washington, DC, founded in 1863. It serves a distinguished membership drawn from political, diplomatic, business, and professional circles in the nation's capital. The club provides dining, social, and lodging facilities exclusively for its members and their guests.
- Industry
- Private Members' Club & Hospitality
- Address
- Metropolitan Club, 1700 H Street NW, Washington, DC 20006
- Employees
- 51-200
- Founded
- 1863
Attack summary
Severity: critical — 2.1 TB of data has been published including a full membership list of a high-profile private club whose members likely include senior government, diplomatic, and business figures — constituting large-scale PII exfiltration with significant national-security and reputational implications.Ransomedvc claims to have exfiltrated the entire metroclub.org site, totalling approximately 2.1 TB of data, including the full member list, employee data, source data, and customer records; the post indicates data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Full membership list
- Employee records
- Customer/source data
- Entire website dump (2.1 TB)
The group's post references roughly 1 proof file.
What the group claims
We were able to dump the entire metroclub.org site. Metroclub is a privte club from DC. There is 2.1TB of data. This screenshot show most of important info but still gathering a lot of data. We have their entire members list and employee data. Source and costumers data.
Sources
- Victim sitemetroclub.org
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

