Ransomware victim disclosure
← All victimsR. Zoppo Corp.
listed as zoppo.com · Claimed by Abyss · listed 2 years ago
Status timeline
- ListedJul 28, 2024
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Jul 28, 2024
- Data size
- 233 GB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profileR. Zoppo Corp. is a civil engineering and construction company founded in 1925 with four generations of family leadership. They specialize in underground utilities, pumping stations, treatment plants, bridges, heavy civil work, roadways, and dams/flood control projects.
- Industry
- Heavy Civil Engineering & Construction
- Founded
- 1925
Attack summary
Severity: medium — Data exfiltration of moderate scale (233 GB) from a construction/civil engineering firm with no indication of encryption-only attack or confirmed sensitive regulated data (PII, medical, financial at scale). The post is a marketplace listing without proof files visible.The Abyss group claims to have exfiltrated 233 GB of data from R. Zoppo Corp. The leak post does not explicitly state encryption or operational disruption, but presents archived company data for sale alongside data from nine other victims.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Project documentation
- Internal communications
- Financial data
What the group claims
zoppo.com 233Gb uncompressed data
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim sitezoppo.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

