Ransomware victim disclosure
← All victimsCore Resources
listed as www.core-1.com · Claimed by RansomHub · listed 1 year ago
Status timeline
- ListedMar 21, 2025
- Data leakeddate unknown
At a glance
- Group
- RansomHub
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Mar 21, 2025
About the victim
AI dossier — public-source company profileCore Resources is a Cincinnati, Ohio-based real estate development and general contracting firm specializing in real estate development, construction management, and owner representation. They manage projects across residential, commercial, and recreational sectors, with a focus on building lasting client partnerships.
- Industry
- Real Estate Development & General Contracting
- Address
- 7446 Jager Court, Cincinnati, OH 45230
Attack summary
Severity: low — No proof files or screenshots are advertised; no specific data exfiltration or operational impact is documented. The discrepancy between the AI-generated description and the actual company profile suggests limited substantiation of the claimed attack.RansomHub claims to have attacked Core Resources. The leak post describes the victim as an IT services company specializing in ITAD and data center services, but the actual company website indicates Core Resources is a real estate and construction firm. No specific data exfiltration claims or encryption details are provided in the disclosed materials.
Original description
AI-summarised, not from the leak postCore-1 is a California-based company specializing in IT services. They offer an array of services including IT asset disposition (ITAD), data center relocation, server decommissioning, and secure data destruction. The company focuses on optimizing and streamlining clients' IT operations, providing cost-effective, eco-friendly solutions. Core-1 is committed to delivering transparent and efficient strategies to dispose of or recycle obsolete hardware.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

