Ransomware victim disclosure
← All victimsSamuel D. Koon & Associates, Ltd.
listed as samuelkoon.com · Claimed by Settra · listed 9 hours ago
Status timeline
- ListedJul 16, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileSamuel D. Koon & Associates, Ltd. is a Columbus, Ohio-based commercial real estate appraisal and consulting firm founded in 1997. The company serves lending institutions, corporations, government agencies, and private clients across the United States and internationally, with expertise in appraising diverse property types including office, industrial, hospitality, and multi-family assets.
- Industry
- Commercial Real Estate Appraisal & Consulting
- Address
- 141 East Town Street, Suite 310, Columbus, Ohio 43215
- Founded
- 1997
Attack summary
Severity: high — Confirmed exfiltration of sensitive financial data including large portfolio values and numerous bank accounts, which poses significant risk to the company and its clients. While data has been published, the scope and financial sensitivity elevate risk.The Settra group claims to have exfiltrated data from the company, highlighting access to a $25 million portfolio and 350+ bank accounts. The post suggests significant financial and client information was compromised.
Data the group says was taken
AI dossier — extracted from the leak post- Financial portfolio records ($25M+)
- Bank account information (350+ accounts)
- Client data
- Property appraisal records
- Real estate transaction documents
What the group claims
How Samuel D. Koon & Associates Controls a $25 Million Portfolio and 350+ Bank Accounts PROLOGUE...
Sources
Source
Indexed 9 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

