Ransomware victim disclosure
← All victimsElite Flower
listed as www.eliteflower.com · Claimed by Lynx · listed 7 months ago
Status timeline
- ListedDec 8, 2025
- Data leakeddate unknown
At a glance
- Group
- Lynx
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Dec 8, 2025
About the victim
AI dossier — public-source company profileElite Flower (by Hannaford) is a large-scale floral conglomerate founded in 1991 and headquartered in Miami, Florida. The company grows over 1,000 varieties of flowers — including roses, spray roses, alstroemerias, and gerberas — on sustainable farms across Colombia, Ecuador, Kenya, and other regions. With over 42,000 employees, more than 2,000 hectares of production, and 30+ business units, it is one of the world's leading floral production and distribution organizations.
- Industry
- Floral Production & Distribution
- Address
- Miami, Florida, United States
- Employees
- 42000
- Founded
- 1991
Attack summary
Severity: high — Data has been confirmed as published by the threat actor against a large company with over 42,000 employees across multiple countries, indicating significant exfiltration of business and potentially employee data at scale.The Lynx ransomware group claims to have attacked Elite Flower and has published data (disclosed status: data_published), suggesting exfiltration of company data. No specific ransom amount or data size was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Company business data
- Operational records
- Potentially employee records (42,000+ staff)
What the group claims
Founded in 1991 and headquartered in Miami, Florida, Elite Flower specializes in roses, spray roses, alstroemerias, and gerberas.
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

