Ransomware victim disclosure
← All victimsEagle Engineering Inc.
listed as https://eagleonline.net/ · Claimed by Lynx · listed 1 year ago
Status timeline
- ListedJul 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Lynx
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Jul 23, 2025
About the victim
AI dossier — public-source company profileEagle Engineering Inc. is a full-service civil engineering, surveying, and soil sciences firm founded in 1991. Based in Indian Trail, North Carolina, they provide turnkey land development services from conceptual design to project completion, serving the Carolinas, Georgia, Florida, Alabama, Tennessee, and Virginia across commercial, residential, institutional, healthcare, and industrial sectors.
- Industry
- Civil Engineering, Surveying & Soil Sciences
- Address
- 2013-A Van Buren Ave, Indian Trail, NC 28079, United States
- Employees
- 51-200
- Founded
- 1991
Attack summary
Severity: medium — Data has been published and confirmed disclosure occurred. However, the leak post is extremely sparse ('proof of attacks' only), with no proof files or screenshots advertised, no data inventory detailed, and no confirmation of sensitive regulated data exfiltration. The company handles engineering/surveying data which may include client project details but lacks clear evidence of PII at scale or regulated data exposure.The Lynx group claims to have compromised Eagle Engineering Inc. and published data. The leak post provides only a generic 'proof of attacks' statement with no detail on exfiltration versus encryption or specific data categories.
Data the group says was taken
AI dossier — extracted from the leak post- Client project information
- Engineering designs and specifications
- Survey data
- Employee records
- Financial/billing records
What the group claims
proof of attacks
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

