Ransomware victim disclosure
← All victimsCucina Tagliani
Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedMay 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- United States
- Sector
- Hospitality and Tourism
- Listed on leak site
- May 16, 2025
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileCucina Tagliani is an Italian fine dining restaurant located in Glendale, Arizona, specializing in pasta, pizza, and seafood dishes. The establishment offers dine-in, carryout, curbside, delivery, and catering services, with additional offerings including private event hosting and a loyalty rewards program.
- Industry
- Food & Beverage - Fine Dining Restaurant
- Address
- 17045 N 59th Ave Ste 101, Glendale, Arizona
Attack summary
Severity: medium — Small restaurant with likely limited customer PII and internal records; no regulated data (medical/financial/government) confirmed. Data exfiltration claimed but no proof files publicly detailed. Revenue under $5M indicates small business impact.BlackLock claims to have compromised Cucina Tagliani's systems and exfiltrated data. The group demands $5M ransom and has published the victim listing with operational details.
Data the group says was taken
AI dossier — extracted from the leak post- Customer contact information
- Payment/transaction records
- Employee records
- Business operational data
What the group claims
Revenue < $5 Million Headquarters 17045 N 59th Ave Ste 101, Glendale, Arizona, 85... Phone Number (602) 547-2782 Website www.cucinatagliani.com Industry Hospitality General
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

