Ransomware victim disclosure
← All victimsSolar City
Claimed by Blacklock · listed 1 year ago
Status timeline
- ListedJun 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Blacklock
- Status
- Data leaked
- Country
- United States
- Sector
- Energy
- Listed on leak site
- Jun 3, 2025
- Records
- 25 Employees
- Ransom demanded
- $5M
About the victim
AI dossier — public-source company profileSolar City is a renewable energy consultancy assisting towns, cities and city regions in integrating renewable energy technologies. The company operates in Australia with fewer than 25 employees and annual revenue below $5 million.
- Industry
- Renewable Energy Consulting & Integration
- Employees
- <25
Attack summary
Severity: medium — Confirmed data exfiltration and publication by the threat actor; however, the company is small (<25 employees), operates in a non-critical sector, and no evidence of regulated/sensitive data (PII at scale, medical, financial, government) is explicitly stated. The impact is moderate given the organization's size and apparent lack of critical infrastructure designation.BlackLock claims to have exfiltrated data from Solar City. The group has published data as proof of compromise, though specific data types are not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- business records
- client information
- project documentation
What the group claims
Electricity, Oil & Gas Australia <25 Employees Solar City® is dedicated to assisting towns, cities and city regions in fully integrating renewable energy technologies. Revenue <$5 Million
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

