Ransomware victim disclosure
← All victimsGreen Valley Farm Supply, Inc.
listed as gvfsinc.com · Claimed by Settra · listed 6 days ago
Status timeline
- ListedJul 9, 2026
- Data leakeddate unknown
At a glance
- Group
- Settra
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Jul 9, 2026
About the victim
AI dossier — public-source company profileGreen Valley Farm Supply, Inc. is a locally owned and operated agricultural distributor and crop consulting firm based in Salinas Valley, California, serving growers across coastal California and desert production regions since 1999. The company operates four strategic locations (Gonzales, Watsonville, Hollister, CA and Yuma, AZ) and provides crop protection services, consulting, and specialty application equipment.
- Industry
- Agricultural Crop Consulting & Supply
- Address
- P.O. Box 950, Gonzales, CA 93926 (headquarters); additional locations in Watsonville, CA; Hollister, CA; Castroville, CA; and Yuma, AZ
- Founded
- 1999
Attack summary
Severity: medium — Data has been published by the threat actor, but the specific content and sensitivity level are unclear from the truncated leak post. No confirmed exfiltration of regulated PII, financial data, or customer information is explicitly stated. The agricultural distributor likely holds customer agricultural data and operational records of moderate sensitivity.The settra group claims to have breached Green Valley Farm Supply and published data related to the company's operations and business records, including materials related to a 'self-lease scheme.'
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Operational documents
- Financial/lease arrangements
What the group claims
GREEN VALLEY: SELF-LEASE SCHEME How a California agricultural distributor pays rent to companies con...
Sources
Source
Indexed 6 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

