Ransomware victim disclosure
← All victimsGPF Lewis
Claimed by Hunters International · listed 1 year ago
Status timeline
- ListedMay 5, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Construction
- Listed on leak site
- May 5, 2025
About the victim
AI dossier — public-source company profileGPF Lewis is an established UK-based construction and refurbishment specialist operating across multiple sectors including commercial, residential, education, healthcare, leisure, industrial, and hospitality. They provide services ranging from interior fit-outs and new builds to structural alterations, with a divisions-based structure and commitment to sustainability.
- Industry
- Construction & Refurbishment
Attack summary
Severity: high — Confirmed exfiltration and encryption of business data from an operational company. Construction firms typically hold sensitive client contracts, architectural designs, and project details of significant commercial value.Hunters International claims to have exfiltrated data from GPF Lewis and encrypted their systems. The group has published evidence of the attack.
Data the group says was taken
AI dossier — extracted from the leak post- Business records
- Project documentation
- Client information
- Financial records
What the group claims
Exfiltraded data : yes - Encrypted data : yes
Sources
- Victim sitewww.gpflewis.co.uk
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

