Ransomware victim disclosure
← All victimsjonti-craft.com
Claimed by Black Basta · listed 2 years ago
Status timeline
- ListedNov 19, 2024
- Data leakeddate unknown
At a glance
- Group
- Black Basta
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Nov 19, 2024
- Data size
- 700 GB
About the victim
AI dossier — public-source company profileJonti-Craft, Inc. is a family-owned manufacturer of high-quality children's furniture for classrooms, daycares, playrooms, and other educational and care settings. The company produces the Baltic Birch brand and other product lines including Berries and EverPlay, serving institutional and commercial markets across the United States.
- Industry
- Children's Furniture Manufacturing
- Address
- 171 State Highway 68, PO Box 30, Wabasso, MN 56293, United States
Attack summary
Severity: high — Confirmed exfiltration and publication of significant business data including financial, payroll, HR, and personal employee information at scale (700 GB), affecting a manufacturer with institutional market exposure.Black Basta claims to have exfiltrated approximately 700 GB of data from Jonti-Craft, including home user data, financial records, payroll information, personal data, human resources files, engineering documents, and departmental records. The group has published the data.
Data the group says was taken
AI dossier — extracted from the leak post- Home users data
- Financial records
- Payroll information
- Personal data
- Human resources files
- Engineering documents
- Departmental records
What the group claims
Jonti-Craft is a family-owned company that manufactures children’s furniture for a variety of settings, including classrooms, daycares, and waiting rooms.SITE: www.jonti-craft.com Address : 171 State Highway 68 PO Box 30, Wabasso MN 56293 USATEL#: (507) 342-5169ALL DATA SIZE: ≈700gb 1. Home users data 2. Financial data, Payroll 3. Personal 4. Human Resources 5. Engineering 6. Depts & etc…
Sources
- Victim sitejonti-craft.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

