Ransomware victim disclosure
← All victimsPenn Power Group
Claimed by Blackbyte · listed 3 years ago
Status timeline
- ListedFeb 7, 2023
- Data leakeddate unknown
At a glance
- Group
- Blackbyte
- Status
- Data leaked
- Country
- United States
- Sector
- Energy
- Listed on leak site
- Feb 7, 2023
About the victim
AI dossier — public-source company profilePenn Power Group is a US-based commercial fleet services and heavy-duty parts company with over 50 years of OEM expertise. It operates 13 service centers and approximately 100 mobile service vehicles, offering shop maintenance, managed fleet care, emergency roadside assistance, and parts distribution. The company serves intermodal, coach, and commercial trucking customers across multiple locations.
- Industry
- Commercial Fleet Services & Heavy-Duty Truck Parts
Attack summary
Severity: high — Data has been confirmed as published by BlackByte, indicating successful exfiltration and public release of internal company data. While the specific data categories are not enumerated in the truncated post, a published data status from a prolific ransomware group represents significant business data exposure and operational risk.BlackByte claims to have attacked Penn Power Group and has published data from the victim, as indicated by the 'data_published' disclosure status. The post does not explicitly detail encryption or the precise categories of exfiltrated data, but the data is stated as published.
Data the group says was taken
AI dossier — extracted from the leak post- Internal company documents
- Operational data
What the group claims
Our ServicesLeveraging our OEM expertise and 50+ years of experience, we provide comprehensive fleet services at our 13 service centers and 100 mobile vehicles that come to you. From traditional shop services and maintenance management to mobile fleet services and emergency roadside assistance, we handle it all.
Sources
- Victim sitepennpowergroup.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

