Ransomware victim disclosure
← All victimsBluEdge
listed as bluedge.com\$104.5M\USA\994GB\<1% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedFeb 25, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States of America
- Sector
- Business Services
- Listed on leak site
- Feb 25, 2025
About the victim
AI dossier — public-source company profileBluEdge is a 125-year-old northeast-based vendor providing integrated business technology services and experiential marketing solutions. The company operates six commercial locations and offers managed IT services, managed print services, 3D printing/scanning, document management, reprographics, and branded experiential marketing services including event production, retail displays, and digital content creation.
- Industry
- Business Services & Experiential Marketing
- Address
- Multiple locations: Boston MA, Carlstadt NJ, Chicago IL, New York NY, Philadelphia PA, Washington DC
- Employees
- 501-1000
- Founded
- 1899
Attack summary
Severity: high — Confirmed exfiltration of 994 GB of business data from a multi-location company with significant client base; data already published; operational disruption to a business services provider affects downstream clients.Cactus ransomware group claims to have compromised BluEdge and exfiltrated approximately 994 GB of data. The group has published data, though disclosure status indicates less than 1% has been released publicly.
Data the group says was taken
AI dossier — extracted from the leak post- Business documents
- Client project files
- Operational records
- Technology infrastructure data
Sources
- Victim sitebluedge.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

