Ransomware victim disclosure
← All victimsRevitaLash Cosmetics
listed as revitalash.com\$21.5M\USA\1.2TB\100% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 2, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States of America
- Sector
- Retail & Consumer
- Listed on leak site
- Mar 2, 2025
About the victim
AI dossier — public-source company profileRevitaLash Cosmetics is a cosmetics company operating through revitalash.com. The company is classified in the retail and consumer sector, indicating it sells beauty products, likely including eyelash serums and related cosmetic treatments based on the brand name.
- Industry
- Cosmetics & Beauty Products
Attack summary
Severity: high — Large-scale data exfiltration (1.2TB) with 100% disclosure confirmed. The victim is a retail/consumer cosmetics company with likely customer PII exposure, and the data volume and complete publication indicate significant business impact.Cactus ransomware group claims to have conducted an attack on RevitaLash Cosmetics resulting in exfiltration of approximately 1.2TB of data. The group has published the stolen data in full (100% disclosed).
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Customer data
- Financial information
- Proprietary product information
Sources
- Victim siterevitalash.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

