Ransomware victim disclosure
← All victimsPosen Architects
listed as posen.com · Claimed by Abyss · listed 2 years ago
Status timeline
- ListedFeb 9, 2024
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Feb 9, 2024
- Data size
- 724 GB
- Ransom demanded
- $50
About the victim
AI dossier — public-source company profilePosen Architects is an architecture and interior design firm operating in New Jersey and New York. They provide architectural design, interior design, planning, and regulatory approval services across workplace, community, healthcare, and education sectors.
- Industry
- Architecture & Design Services
Attack summary
Severity: medium — Confirmed data exfiltration of 724 GB from a professional services firm. The data likely includes client project details and business information, but no evidence of regulated PII (medical, financial) or government/defense data. Severity is moderate due to scale and business sensitivity rather than regulatory classification.The Abyss group claims to have exfiltrated 724 GB of data from Posen Architects. The leak post itself is a catalog listing multiple victim companies' stolen data; the actual details specific to the posen.com breach are not provided in the truncated post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Business documents
- Project files
- Client information
- Design specifications
What the group claims
Posen Architects 724Gb uncompressed data
The leak post
captured from the group's site```
let data = [
{
'title' : 'thinlinetech.com',
'short' : 'thinlinetech.com 29Gb uncompressed data',
'full' : 'Thinline Technologies <br>' +
'Thinline Technologies offers reliable IT consulting and expert computer and network support services to businesses in the Baltimore metro area.<br> They specialize in network administration, technology planning, and help desk services, focusing on increasing productivity and profitability for small to mid-size businesses.<br>'+
'password: 6oGfyIRISQmmI3Ge2kEeyu7hbzONONEFpkcnhC1S4Ygk4iSpw4RRxDXY1uk9xeyUXOmg7UOuZvGekRc9cs8E61LWKdI08uv0kUyC4V6YxaETtrhniAtKD9t7FQ2qTFYi<br>'+
'Link â„–1 Filelist',
'links' : [
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.lst.zip",
"http://zngbsq66uwem4qzyxpqb5rjo2xebnbwdku27nhmquryx6ljnbbedhiad.onion/thinline.rar"
]
},
{
'title' : 'crownlaboratories.com',
'short' : 'crownlaboratories.com 8Tb uncompressed data',
'full' : 'Crown Laboratories <br>' +
'Crown Laboratories, founded in 2000 and based in Johnson City, TN, provides pharmaceutica…Screenshot of the leak post

Sources
- Victim siteposen.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

