Ransomware victim disclosure
← All victimsMitchell-McKinney Supply
listed as mitchellmckinney.com · Claimed by Toufan · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
- Group
- Toufan
- Status
- Data leaked
- Country
- United States
- Sector
- Legal
- Listed on leak site
- Dec 19, 2023
About the victim
AI dossier — public-source company profileMitchell-McKinney Supply is a US-based industrial and MRO (Maintenance, Repair & Operations) distributor offering a broad catalog of products including cutting tools, fasteners, hand tools, power tools, hydraulics, pneumatics, safety equipment, and raw materials. The company operates an e-commerce platform and physical store locations, reachable by phone at +1 (614) 444-6732, suggesting an Ohio base. It serves industrial and manufacturing customers across a wide range of product categories.
- Industry
- Industrial & MRO Supply Distribution
Attack summary
Severity: medium — Data is marked as published by the group, suggesting confirmed exfiltration, but no leak post details, data size, or specific sensitive data categories (e.g. PII at scale, financial records) are confirmed; moderate business data exposure is the most defensible assessment.The Toufan ransomware group has listed Mitchell-McKinney Supply with a disclosed status of 'data_published', indicating data has been released; however, no leak post text was captured and no details on encryption or specific exfiltrated data are available.
Data the group says was taken
AI dossier — extracted from the leak post- Customer account data
- Order and purchasing records
- Business contact information
- Internal operational data
Sources
- Victim sitemitchellmckinney.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

