Ransomware victim disclosure
← All victimsVSS Transportation Group
listed as vsstransportationgroup.com\$54.5M\USA\522GB\<1% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedJan 30, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Jan 30, 2025
About the victim
AI dossier — public-source company profileVSS Transportation Group is a nationwide freight logistics provider operating 450+ power units and 1,200+ trailers with 5 US locations. They offer full truckload, less-than-truckload, logistics forwarding, and warehousing services with 98.7% on-time performance. The company has been recognized by Inc. Magazine as one of America's Fastest-Growing Private Companies.
- Industry
- Expedited Truckload Freight & Logistics
- Address
- 1325 W Belt Line Rd, Carrollton, TX 75006
- Employees
- 51-200
Attack summary
Severity: high — Confirmed data exfiltration of 522GB from critical infrastructure operator (transportation/logistics). Significant operational and business data at scale; potential exposure of customer logistics details and internal operations. No proof files captured but disclosure status is 'data_published'.Cactus ransomware group claims to have attacked VSS Transportation Group and exfiltrated data. The group claims 522GB of data disclosure, though the post content was not captured.
Data the group says was taken
AI dossier — extracted from the leak post- operational logistics records
- customer shipment data
- driver information
- billing and financial records
- supply chain documentation
Sources
- Victim sitevsstransportationgroup.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

