Ransomware victim disclosure
← All victimsMoody Development Corporation
listed as Moody Homes · Claimed by Frag · listed 1 year ago
Status timeline
- ListedMar 24, 2025
- Data leakeddate unknown
At a glance
- Group
- Frag
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Construction
- Listed on leak site
- Mar 24, 2025
About the victim
AI dossier — public-source company profileMoody Development Corporation is a builder and developer of new homes operating in the Tidewater and Hampton Roads regions. They develop single-family homes, condominiums, townhomes, and multi-family communities for both sales and rental.
- Industry
- Real Estate Development & Construction
Attack summary
Severity: high — Confirmed exfiltration and publication of PII (client and employee contact information) at scale, combined with sensitive business data (financial statements, contracts, licenses). Real estate development firms typically handle personal information for customers and staff.The frag group claims to have extracted financial statements, client and employee contact information, partnership agreements, licenses, and contracts from Moody Homes. Data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Financial statements
- Client contact information
- Employee contact information
- Partnership agreements
- Licenses
- Contracts
What the group claims
Real Estate Moody Development Corporation builders and developers of quality new homes, including new home rentals and new home sales of single family homes condominiums town homes and single family communities and multi family communities serving Tidewater and all cities of Hampton Roads. Our team was successful in extracting the following documents: Financial statements of the company Contact information of clients and employees Partnership agreements, licenses and contracts
Sources
- Victim sitemoodyhomes.co.uk
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

