Ransomware victim disclosure
← All victimsProvidence Warwick Convention & Visitors Bureau
listed as The Providence Warwick Convention · Claimed by Lynx · listed 1 year ago
Status timeline
- ListedJul 9, 2025
- Data leakeddate unknown
At a glance
- Group
- Lynx
- Status
- Data leaked
- Country
- United States
- Sector
- Hospitality and Tourism
- Listed on leak site
- Jul 9, 2025
About the victim
AI dossier — public-source company profileThe Providence Warwick Convention & Visitors Bureau is a destination marketing organization based in Providence, Rhode Island, serving the greater Providence-Warwick area. It provides convention planning, tourism services, visitor information, group tour coordination, and leisure travel support.
- Industry
- Convention & Visitors Bureau / Hospitality and Tourism
- Address
- Providence, Rhode Island, United States
Attack summary
Severity: medium — Data has been confirmed published (disclosed status: data_published), indicating exfiltration occurred. However, the specific data types and sensitivity level are not detailed in the available post. A CVB handles tourism and convention data which may include some PII and business records, but without confirmation of scale or regulated data categories, this warrants 'medium' rather than 'high'.Lynx claims to have compromised the Providence Warwick Convention & Visitors Bureau and exfiltrated data. The group has published data from the breach; specific details on what data was taken or the operational scope are not fully stated in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Convention and event planning records
- Visitor information
- Tourism-related operational data
What the group claims
Providence Warwick Convention & Visitors Bureau is a creative capital community. It offers services including Meetings & Conventions, Tourism, Hospitality, Visitor Information, Convention Services, Group Tours, and Leisure Travel. The company is based in Providence, Rhode Island.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

