Ransomware victim disclosure
← All victimsPFSbrands
listed as pfsbrands.com · Claimed by Abyss · listed 2 years ago
Status timeline
- ListedAug 30, 2024
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Aug 30, 2024
- Data size
- 29 GB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profilePFSbrands is a 100% employee-owned foodservice company that builds and operates a portfolio of franchise brands including Champs Chicken, BluTaco, Hangar 54 Pizza, and others. The company provides branded food products, commercial kitchen equipment, and comprehensive business support to retail operators and franchise restaurants across 40+ U.S. states, serving over 30,000 retailers and 580+ franchise locations.
- Industry
- Foodservice & Franchise Management
Attack summary
Severity: high — Confirmed exfiltration of 29 GB of data from a large foodservice and franchise operator serving tens of thousands of retail partners and franchise locations; exposure likely includes sensitive business, customer, and operational data across a network of partner businesses.The Abyss group claims to have exfiltrated 29 GB of data from PFSbrands. The leak post is primarily a directory listing of multiple victim companies rather than detailed disclosure of PFSbrands-specific breach particulars.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Customer data
- Operational files
What the group claims
PFSbrands ® is an employee-owned company that provides three successful hot food brands primarily to the c-store and supermarket industries
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim sitepfsbrands.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

