Ransomware victim disclosure
← All victimsSouthwest Stone
listed as southweststone.net · Claimed by Projectrelic · listed 11 months ago
Status timeline
- ListedAug 20, 2025
- Data leakeddate unknown
At a glance
- Group
- Projectrelic
- Status
- Data leaked
- Country
- United States
- Sector
- Construction
- Listed on leak site
- Aug 20, 2025
About the victim
AI dossier — public-source company profileSouthwest Stone is a premier natural stone quarrier established in 2001, operating multiple quarries throughout Utah and Idaho. The company supplies natural stone products including veneer, landscape, architectural, and wall cap/coping materials. It serves construction and design markets with an experienced staff spanning management, sales, and production.
- Industry
- Natural Stone Quarrying & Supply
- Address
- Utah & Idaho, United States (multiple quarry locations; specific street address not stated)
- Founded
- 2001
Attack summary
Severity: medium — Data is listed as published, indicating confirmed exfiltration and disclosure; however, no details on data type, volume, or sensitivity (e.g., PII, financial, regulated data) are available, and the company operates in a non-critical sector at apparent small-to-medium scale.The Projectrelic ransomware group claims to have published data belonging to Southwest Stone; the status is listed as 'data_published', indicating exfiltration and disclosure of company data. No specific ransom demand or data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Unknown — no specific data categories disclosed in leak post
Original description
AI-summarised, not from the leak postN/A
Sources
- Victim sitesouthweststone.net
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

