Ransomware victim disclosure
← All victimsDCT Industrial Supply Company
listed as dctsupply.com · Claimed by Toufan · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
- Group
- Toufan
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Dec 19, 2023
About the victim
AI dossier — public-source company profileDCT Industrial Supply Company is a leading distributor of cutting tools, abrasives, and machine tool accessories based in Decatur, Illinois. The company operates an e-commerce platform serving industrial customers with a broad product catalog spanning hand tools, power tools, fasteners, hydraulics, welding supplies, and more. It emphasizes quality products and technical support for efficient use.
- Industry
- Industrial Supply & Distribution (Cutting Tools, Abrasives & Machine Tool Accessories)
- Address
- 410 N Jasper St, Decatur, IL 62521
Attack summary
Severity: medium — Data is reported as published by the group, suggesting exfiltration occurred, but no leak post details confirm the scale or sensitivity of the data. No regulated data (medical, financial, government) is evident from the company's profile, and no proof file count is available.The Toufan ransomware group has listed DCT Industrial Supply Company as a victim with a disclosed status of data_published, indicating data has been released. No leak post content was captured, so specific claims about encryption or exfiltration scope are unavailable.
Data the group says was taken
AI dossier — extracted from the leak post- Customer account data
- Order history
- Contact information
- Business records
Sources
- Victim sitedctsupply.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

