Ransomware victim disclosure
← All victimsHawk Scada
listed as hawkremote.com · Claimed by Darkvault · listed 2 years ago
Status timeline
- ListedApr 11, 2024
- Data leakeddate unknown
At a glance
- Group
- Darkvault
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Apr 11, 2024
About the victim
AI dossier — public-source company profileHawk Scada designs and installs SCADA (Supervisory Control and Data Acquisition) systems and alarming solutions for critical infrastructure sectors including municipalities, water/wastewater treatment, natural gas processing, energy management, surface mining, and broadcasting across the southeastern United States. Operating since 1994, they serve public utilities and industrial customers with customized multi-user platform solutions.
- Industry
- Industrial Control Systems (SCADA) & Alarming Solutions
- Address
- 907A Lynn Lane, Starkville, MS 39759
- Founded
- 1994
Attack summary
Severity: high — Confirmed data exfiltration from a critical infrastructure SCADA vendor serving municipal utilities, water treatment, and energy systems. Compromise of such a vendor's data poses significant operational risk to dependent infrastructure even if direct encryption was not performed.Darkvault claims to have breached Hawk Scada and exfiltrated data. The group has published the data but no specific details about the nature or volume of compromised information are provided in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Operational/technical documentation
- Customer information
- System configuration data
What the group claims
Hawk SCADA has been installing SCADA systems in multiple industries since 1994. Our products are preferred by our customers, in part because we offer multiple modes of monitoring delivered on a secure multi-user platform.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

