Ransomware victim disclosure
← All victimsRocket Stores
listed as rocketstores.com\$738.9M\USA\3.2TB\<1% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 12, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Sector
- Retail & Consumer
- Listed on leak site
- Mar 12, 2025
About the victim
AI dossier — public-source company profileRocket Stores is a convenience retail chain founded in 2020, operating fuel stations with integrated car wash services, delivery options, and an Amazon Locker presence. The company operates multiple locations across the United States and offers a mobile app (Rocket CREW) for loyalty rewards, fuel purchases, and in-store payments.
- Industry
- Convenience Retail & Car Wash Services
- Founded
- 2020
Attack summary
Severity: high — Confirmed data exfiltration of 3.2TB from a multi-location retail operation with customer payment systems, employee data, and loyalty program information. Data has been published, indicating operational compromise of a significant retail infrastructure.The Cactus ransomware group claims to have compromised Rocket Stores and exfiltrated 3.2TB of data. The group has published less than 1% of the stolen data as proof of the attack.
Data the group says was taken
AI dossier — extracted from the leak post- Customer payment information
- Employee records
- Business operational data
- Point-of-sale records
- Customer loyalty program data
Sources
- Victim siterocketstores.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

