Ransomware victim disclosure
← All victimsBig Ass Fans
Claimed by Royal · listed 3 years ago
Status timeline
- ListedApr 10, 2023
- Data leakeddate unknown
At a glance
- Group
- Royal
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Apr 10, 2023
About the victim
AI dossier — public-source company profileBig Ass Fans is a Lexington, Kentucky-based manufacturer of high-volume, low-speed (HVLS) ceiling fans, commercial ceiling fans, lighting, and controls for industrial, commercial, and residential applications. Founded in 1999, the company serves a wide range of sectors and counts over 80% of Fortune 500 companies among its customers. It is known for premium, custom-built airflow products sold under brands such as Haiku, Powerfoil, and i6.
- Industry
- Industrial & Commercial Fans and Airflow Products Manufacturing
- Employees
- 201-500
- Founded
- 1999
Attack summary
Severity: critical — Confirmed exfiltration of 246 GB including regulated sensitive data: passport copies, medical insurance policies, salary records, and employee PII at scale — all categories that trigger regulatory obligations (e.g., HIPAA adjacency, state privacy laws) and pose direct harm to individuals.The Royal ransomware group claims to have exfiltrated approximately 246 GB of data from Big Ass Fans, including accounting and finance records, project documents, contracts, payment documents, employee salary information, passport copies, medical insurance policies, and employee contact details. The disclosure status is 'data_published', indicating the stolen data has been released.
Data the group says was taken
AI dossier — extracted from the leak post- Employee personally identifiable information (PII)
- Employee salary records
- Passport copies
- Medical insurance policies
- Accounting and finance records
- Contracts
- Project documents
- Payment documents
- Employee phone numbers and email addresses
What the group claims
Big Ass Fans is a fans, light and controls manufacturer for different business directions. These guys have nothing against holding their employees personal information almost open-sourced. They've lost 246 gygabytes of data interested for its details. Tons of accounting and finance information, projects, contracts, payment docs, employees' salaries, passports, medical insurance policies, phones, emails - everything you want.
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

