Ransomware victim disclosure
← All victimsKeizer's Collision Centre
listed as Keizer's Collision CSN & Automotive · Claimed by Eldorado · listed 2 years ago
Status timeline
- ListedNov 18, 2024
- Data leakeddate unknown
At a glance
- Group
- Eldorado
- Status
- Data leaked
- Country
- Canada
- Sector
- Business Services
- Listed on leak site
- Nov 18, 2024
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileKeizer's Collision Centre is a family-owned licensed automotive repair shop that has operated for 35 years. Part of the larger Keizer's Enterprises group, which operates multiple automotive service locations including tire services, collision repair, and vehicle sales across Canada.
- Industry
- Automotive Repair & Collision Services
- Founded
- 1989
Attack summary
Severity: medium — Data has been published by the threat actor and the victim operates a business handling customer vehicle and contact information typical of automotive repair shops. However, no specific confirmation of regulated data categories (PII at scale, financial records) is evident from the post, and no proof files are detailed in the excerpt.The Eldorado ransomware group claims to have encrypted systems and exfiltrated data from Keizer's Collision Centre. The group has published data but specific details about what was accessed are not detailed in the post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- customer information
- operational data
What the group claims
Keizer's Collision Centre has been a family run business for the last 35 years. We are a licensed automotive repair shop. Revenue > $5 Million
Sources
- Victim sitekeizers.ca
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

