Ransomware victim disclosure
← All victimsHirsh Industries
Claimed by Ransomhouse · listed 2 years ago
Status timeline
- ListedApr 24, 2024
- Data leakeddate unknown
At a glance
- Group
- Ransomhouse
- Status
- Data leaked
- Country
- United States
- Sector
- Manufacturing
- Listed on leak site
- Apr 24, 2024
- Data size
- 743 GB
- Ransom demanded
- $740
About the victim
AI dossier — public-source company profileHirsh Industries manufactures commercial-grade and consumer office storage products, including vertical files, lateral files, mobile pedestals, desking, and shelving units. Operating from West Des Moines, Iowa, the company serves both commercial and residential markets through brands including Hirsh Space Solutions.
- Industry
- Office Furniture & Storage Solutions Manufacturing
- Address
- 3636 Westown Parkway Suite 100, West Des Moines, IA 50266, United States
Attack summary
Severity: medium — Large data volume (743 GB) and encryption-only claim; no specific sensitive data categories (PII, financial, medical) explicitly confirmed in the leak post. No operational disruption to critical infrastructure evident.Ransomware group claims to have encrypted Hirsh Industries' systems. The leak post does not explicitly state data exfiltration, though 743 GB of data volume is cited and the group lists the victim among multiple disclosed/evidence cases.
Data the group says was taken
AI dossier — extracted from the leak post- business data
- operational files
What the group claims
Hirsh Industries has operated continuously since 1924, when it began as the W.P. Johnson Company which specialized in metal fabrication. In 1989 the company changed its name to SteelWorks and continued to grow as the leader in filing products. In 1999 the company took on the name Hirsh Industries as the primary product lines expanded to include commercial grade filing and shelving items, along with a broader assortment of small and home office file cabinets.
The leak post
captured from the group's site```
{"data":[{"id":"a1894b76b7004c75a3a0845799af49956592e3d9","display":"animated","header":"HOT NEWS","info":" Trellix is a global cybersecurity company.","url":"","sort":1,"views":"436242"},{"id":"336b257f582b17573c97578efd4b22762bf77344","sort":2,"header":"Trellix (McAfee & FireEye)","url":"https://www.trellix.com/","private":"false","revenue":"1.5-2 B$","employees":"5000","info":"Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. The companys open and native extended detection and response (XDR) platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security","statusDate":"DEPENDS ON YOU","status":"EVIDENCE","published":"NOT YET","action":"Encrypted","actionDate":"17/04/2026","volume":"~","content":"cybersecurity.html"…Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

