Ransomware victim disclosure
← All victimsNew Horizons Baking Company
listed as newhorizonsbaking.com\$163M\USA\455GB\100% DISCLOSED · Claimed by Cactus · listed 1 year ago
Status timeline
- ListedMar 2, 2025
- Data leakeddate unknown
At a glance
- Group
- Cactus
- Status
- Data leaked
- Country
- United States of America
- Sector
- Food & Agriculture
- Listed on leak site
- Mar 2, 2025
About the victim
AI dossier — public-source company profileNew Horizons Baking Company is a manufacturer of custom baked goods, food blends, and nutritional solutions serving quick-service restaurants, retail, and food service industries. Based in Norwalk, Ohio, the company operates through subsidiary brands including Genesis Baking Company and New Horizons Food Solutions, supplying English muffins, soft rolls, custom seasoning blends, and functional bakery systems to major institutional clients.
- Industry
- Baked Goods & Food Manufacturing
- Address
- 211 Woodlawn Avenue, Norwalk, OH 44857, USA
- Employees
- 51-200
- Founded
- 1969
Attack summary
Severity: high — Confirmed exfiltration of 455GB with 100% disclosure stated; company operates in food manufacturing serving major QSR brands, suggesting access to significant operational, customer, and possibly food safety data. Scale and industry sensitivity warrant high classification despite lack of detailed proof inventory.Cactus ransomware group claims to have compromised New Horizons Baking and exfiltrated data. The victim name metadata indicates 100% disclosure of approximately 455GB of data, though no specific details of the attack method or data categories are provided in the captured leak post.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- customer data
- operational files
- proprietary formulations
Sources
- Victim sitenewhorizonsbaking.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

