Ransomware victim disclosure
← All victimsUSA DeBusk
listed as usadebusk.com · Claimed by Embargo · listed 10 months ago
Status timeline
- ListedSep 20, 2025
- Data leakeddate unknown
At a glance
- Group
- Embargo
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Sep 20, 2025
- Data size
- 2 TB
About the victim
AI dossier — public-source company profileUSA DeBusk provides a comprehensive suite of industrial cleaning and infrastructure maintenance services to a diverse, blue-chip customer base across a broad range of industries in the United States. The company operates as a specialized industrial services contractor, supporting clients with cleaning, maintenance, and related infrastructure services at scale.
- Industry
- Industrial Cleaning & Infrastructure Maintenance Services
Attack summary
Severity: critical — 2 TB of confirmed exfiltrated and published data includes employee PII, client data, and contracts at scale, constituting regulated/sensitive personal and business data with data_published status indicating full disclosure.The Embargo ransomware group claims to have exfiltrated approximately 2 TB of data from USA DeBusk, including contracts, client data, employee private data, and incident reports, and has published the data.
Data the group says was taken
AI dossier — extracted from the leak post- Contracts
- Client data
- Employee private data
- Incident reports
What the group claims
USA DeBusk provides a comprehensive suite of industrial cleaning and infrastructure maintenance services to a diverse, blue-chip customer base across a broad r... - 2 TB including Contracts, Client Data, Employee Private Data, Incident Reports, and more
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

