Ransomware victim disclosure
← All victimsThrive
listed as InCare Technologies · Claimed by Sarcoma · listed 2 years ago
Status timeline
- ListedOct 9, 2024
- Data leakeddate unknown
At a glance
- Group
- Sarcoma
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Oct 9, 2024
- Data size
- 161 GB
About the victim
AI dossier — public-source company profileThrive is a global managed services provider founded in 2000 in Concord, Massachusetts, specializing in cybersecurity, cloud, and digital transformation services for SMBs. The company has grown through over 20 strategic acquisitions since 2017 and operates across North America, Europe, and Asia-Pacific regions.
- Industry
- Managed IT Services & Cybersecurity
- Address
- Concord, Massachusetts, United States
- Founded
- 2000
Attack summary
Severity: critical — Confirmed exfiltration of 161 GB of data including SQL databases from a major managed IT services and cybersecurity provider. As an MSP with global client base, the breach likely exposes sensitive client infrastructure data, credentials, and business intelligence at scale. The victim's role in managing security for other organizations amplifies the systemic risk.The Sarcoma group claims to have exfiltrated 161 GB of data from Thrive, including files and SQL databases. The group has published the data as proof of the breach.
Data the group says was taken
AI dossier — extracted from the leak post- SQL databases
- company files
- client data
What the group claims
Our Story Thrive began in 2000 as a modest IT services firm in Concord, Massachusetts. The pioneering original founders believed no one wanted break/fix anymore and were one of the first companies in the world to create proactive managed services for the SMB market. Thrive has since become a global leader in cybersecurity, Cloud, and digital transformation Managed Services. The company was acquired by Staples in 2007, MetTel in 2014, and then recapitalized by Private Equity firm M/C Partners in 2016 and Court Square Capital in 2021, which ushered in a new era of resilience, growth, and industry leadership. Since 2017, Thrive has secured funding and expanded the company’s global footprint across North America, Europe, and the Asia-Pacific region through a steady march of over 20 strategic acquisitions. Our comprehensive end-to-end solutions, anchored by an unrivaled NextGen portfolio of managed cybersecurity and Cloud offerings, enable businesses to transform digitally and securely. Amid the success, Thrive has won awards for creating innovative, outsourced IT solutions to meet clients’ global technology requirements. Yet, our company’s true strength lies in our employees’ passion and dedication. Thrive’s diverse and talented team embodies a culture of collaboration, learning, teamwork, and continuous growth that powers our clients’ digital transformation journeys and delivers tremendous ROI. Thrive is not just a company; it’s a testament to what happens when a community of passionate individuals comes together to unleash the full potential of technology and human collaboration. Our story is one of continuous evolution, innovation, and a steadfast commitment to technology excellence on our customers’ behalf. Thrive can only be successful when our clients win, and we are just getting started.Geo: USA - Leak size: 161 GB Archive - Contains: Files, SQL
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

