Ransomware victim disclosure
← All victimsWhatcom County Library System
Claimed by Unsafe · listed 4 years ago
Status timeline
- ListedDec 21, 2022
- Data leakeddate unknown
At a glance
- Group
- Unsafe
- Status
- Data leaked
- Country
- United States
- Sector
- Government
- Listed on leak site
- Dec 21, 2022
- Estimated revenue
- $7.00M
About the victim
AI dossier — public-source company profileWhatcom County Library System (WCLS) is a public library system serving Whatcom County, Washington State, operating multiple branch locations including Blaine, Deming, Everson, Ferndale, and Lummi Island, plus a bookmobile service. It provides books, digital content, community programs, and various lending services to county residents. Annual revenue is reported at approximately $7 million.
- Industry
- Public Library System
- Address
- 610 3rd Street, Blaine, WA 98230 (headquarters/main branch listed first); multiple branches across Whatcom County, WA
Attack summary
Severity: high — Data is confirmed as published (data_published status) by the threat actor, indicating successful exfiltration from a public government entity whose records likely include patron PII and staff data. Publication of data from a government-affiliated public institution warrants high severity even without a confirmed data volume.The ransomware group 'unsafe' claims to have attacked Whatcom County Library System, with the disclosure status listed as 'data_published', indicating data has been exfiltrated and published. No specific ransom amount or data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Potentially library patron records
- Employee records
- Operational/administrative data
What the group claims
country: US - revenue: 7.00M
Sources
- Victim sitewcls.org
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

