Ransomware victim disclosure
← All victimsWold Architects & Engineers
listed as woldae.com · Claimed by Abyss · listed 2 years ago
Status timeline
- ListedMay 7, 2024
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- May 7, 2024
- Data size
- 9.7 TB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profileWold Architects & Engineers is a full-service planning, architecture, and engineering firm providing customizable services across education, government, and healthcare sectors. The firm specializes in facility master planning, sustainability, interior design, and related professional services.
- Industry
- Architecture & Engineering Services
Attack summary
Severity: medium — Confirmed data exfiltration with no specific mention of sensitive personal data types (PII, medical, financial) in the leak post excerpt. The firm handles architectural and engineering projects for institutional clients, which may include some business-sensitive information but does not clearly indicate regulated data exposure.The Abyss group claims to have exfiltrated data from Wold Architects & Engineers. The leak post aggregates multiple victim organizations (this entry is one of at least nine companies listed), with data being published on the group's dark web portal.
Data the group says was taken
AI dossier — extracted from the leak post- Business documents
- Project files
- Client data
- Architectural designs
- Engineering plans
What the group claims
woldae.com 9.7Tb uncompressed data
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim sitewoldae.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

