Ransomware victim disclosure
← All victimsbluedge.com
Claimed by Cactus · listed 1 year ago
Status timeline
- ListedFeb 25, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Feb 25, 2025
- Ransom demanded
- $104.5M
- Estimated revenue
- $104.5M
About the victim
AI dossier — public-source company profileBluEdge is a northeast-based business technology and experiential marketing services provider with over 125 years of history. They offer comprehensive managed print services, equipment sales, creative graphics, 3D printing and scanning, document services, and high-end experiential marketing across six commercial locations (Boston, Carlstadt, Chicago, New York, Philadelphia, Washington DC). The company serves clients in architecture, construction, retail, healthcare, hospitality, and other sectors.
- Industry
- Business Services & Print Technology — Managed Print Services, Equipment Sales, 3D Printing/Scanning, Document Services, Experiential Marketing
- Address
- 575 8th Ave, New York City, New York, 10018, United States
- Founded
- 1898
Attack summary
Severity: critical — Confirmed exfiltration of regulated PII at scale (driver's licenses, payroll, customer data), financial records, and business data. Proof files publicly posted. Large victim revenue ($104.5M) and broad data exposure across multiple sensitive categories.Cactus claims to have exfiltrated database backups, personal identifiable information, corporate documents, customer data, production data, financial records, invoices, payroll information, and corporate correspondence. The group published proof files including driver's licenses, project drawings, financial agreements, and project management documents.
Data the group says was taken
AI dossier — extracted from the leak post- database backups
- personal identifiable information (PII)
- corporate documents
- customer data
- production data
- project drawings
- financial documents
- invoices
- payroll records
- corporate correspondence
The group's post references roughly 5 proof files.
What the group claims
<p>Business Services.<br><br>“BluEdge is a national provider of comprehensive Managed Print Services, Equipment Sales, Creative Graphics, 3D Printing & Scanning, and Document Services.”<br><br>Website: <a href="https://bluedge.com/">https://bluedge.com/</a><br><br>Revenue : $104.5M<br><br>Address: 575 8th Ave, New York City, New York, 10018, United States<br><br>Phone Number: (212) 366-7250<br><br><mark class="marker-yellow"><strong>Download link #1:</strong></mark> <a href="https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/BLUEDGE/PROOF/">https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/BLUEDGE/PROOF/</a><br><br><mark class="marker-yellow"><strong>Mirror:</strong></mark> <a href="https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/BLUEDGE/PROOF/">https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/BLUEDGE/PROOF/</a><br><br><mark class="marker-yellow"><strong>DATA DESCRIPTIONS:</strong></mark> Database backups, personal identifiable information, corporate documents, customer data, production data, projects\drawings, financial documents, invoices, payroll, corporate correspondence, etc.</p><p><img src="/uploads/2022_04_20_Flagler_Towers_Site_Plan_24x29_509f494bfb.png" alt="2022-04-20 Flagler Towers Site Plan_24x29.png"><img src="/uploads/Drivers_License_Carey_Wertz_Geraci_Mcmahon_esposito_929bf82497.png" alt="Drivers_License Carey-Wertz-Geraci-Mcmahon-esposito.png"><img src="/uploads/IMC_ERA_Good_Shepherd_Hospital_January_4_2022_IMC_Signed_003_a340f65a27.png" alt="IMC ERA Good Shepherd Hospital - January 4 2022_IMC Signed (003).png"><img src="/uploads/Signed_2022_04_14_C_1_Electronic_File_Transfer_Agreement_2022_8d4d8dd81c.png" alt="Signed_2022-04-14_C.1. Electronic File Transfer Agreement 2022.png"><img src="/uploads/01_31_00_project_management_and_coordination_bb797f54a7.png" alt="01 31 00 - project management and coordination.png"></p>
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

