Ransomware victim disclosure
← All victimsRescue Mission Alliance
Claimed by Pear · listed 10 months ago
Status timeline
- ListedSep 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Pear
- Status
- Data leaked
- Country
- United States
- Sector
- Public Sector
- Listed on leak site
- Sep 14, 2025
About the victim
AI dossier — public-source company profileRescue Mission Alliance is a Christian non-profit organization founded by Charles and Mary Pope in the 1970s, serving the less fortunate in Southern California. It provides emergency and long-term rehabilitation services including food, clothing, shelter, and life-change programs across regions including Antelope Valley, Central Coast, San Fernando Valley, and Ventura County. The organization operates thrift stores and relies heavily on donations and volunteers.
- Industry
- Nonprofit Social Services & Christian Ministry
- Address
- Southern California, United States
- Founded
- 1970
Attack summary
Severity: high — Data has been published by the threat actor against a nonprofit serving vulnerable populations (homeless, domestic violence survivors, addiction recovery clients), meaning sensitive PII of at-risk individuals is likely exposed; data_published status confirms exfiltration occurred.The ransomware group 'pear' claims to have attacked Rescue Mission Alliance and has published data (disclosed status: data_published), though the specific nature of the exfiltrated or encrypted data is not described in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Donor records
- Client/beneficiary personal information
- Employee records
- Financial accountability documents
- Internal organizational data
What the group claims
Pioneering Christian organization that helps people realize their potential to live beyond their limitations
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

