Ransomware victim disclosure
← All victimsFlad Architects
listed as flad.com · Claimed by Chaos · listed 4 months ago
Status timeline
- ListedMar 12, 2026
- Data leakeddate unknown
At a glance
- Group
- Chaos
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Mar 12, 2026
- Data size
- 2.2 TB
About the victim
AI dossier — public-source company profileFlad Architects is a national architecture firm headquartered in the United States specializing in high-stakes science and technology infrastructure projects. The firm is described as a leading national practice in its sector, working on complex facility types such as research, laboratory, and technology environments. It operates across multiple locations serving clients nationwide.
- Industry
- Architecture & Engineering (Science & Technology Facilities)
Attack summary
Severity: high — 2.2 TB of confirmed exfiltrated data from an architecture firm handling sensitive science and technology infrastructure projects represents significant business and potentially client-sensitive data exposure; data has been published, elevating severity beyond medium.The Chaos ransomware group claims to have exfiltrated over 2.2 TB of data from Flad Architects, describing the breach as a major security incident involving critical and sensitive information; the disclosure status indicates data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Architectural plans and project files
- Critical and sensitive business information
- Potentially client and project data related to science and technology infrastructure
What the group claims
We are announcing a major security breach and data exfiltration from Flad Architects, a leading national firm specializing in high-stakes science and technology infrastructure. Total volume of exfiltrated data: Over 2.2 TB The leaked archive includes critical and sensitive information across the f…
Sources
Source
Indexed 4 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

