Ransomware victim disclosure
← All victimsUS Graphite
Claimed by Pear · listed 10 months ago
Status timeline
- ListedSep 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Pear
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Sep 14, 2025
About the victim
AI dossier — public-source company profileUS Graphite Corp is a manufacturer of engineered carbon and graphite components, operating facilities in the USA, UK, and Mexico with sales offices in the USA and Europe. The company produces specialty materials under the GRAPHITAR® brand for use in mechanical seals, bearings, aerospace, nuclear power generation, automotive, petrochemical, and fluid handling applications. It is ISO 9001:2015 registered and serves customers globally.
- Industry
- Engineered Carbon & Graphite Components Manufacturing
- Address
- 1620 East Holland Avenue, Saginaw, Michigan 48601, USA
Attack summary
Severity: high — Data has been confirmed published by the threat actor. US Graphite serves aerospace, nuclear, petrochemical, and defense-adjacent industries, meaning exfiltrated data could include sensitive technical specifications, customer lists, and supply chain information of significant national and industrial importance.The ransomware group 'pear' claims to have compromised US Graphite Corp and has published data (disclosed status: data_published), though no specific ransom amount or data volume has been stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Company business data
- Potentially proprietary engineering/materials data
- Customer records
- Internal corporate files
What the group claims
Specialists in carbon and graphite engineering solutions
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

