Active since 2022 · ~1,200 known victims · double extortion · suspected Russia-linked
Victim organization
J&J Gaming
A U.S. amusement, arcade & attractions company added to the PLAY ransomware data-leak site. The actor claims theft of confidential corporate data and threatens to release it on the stated publication date. Volume and scope are unverified.
United StatesPrivate and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
As posted on the leak site · reproduced verbatim · unverified
Appearance on an active leak site indicates the actor claims to hold exfiltrated data and is using a publication deadline as leverage under a double-extortion model. The named categories - payroll, IDs, tax and finance records, and client documents - would, if authentic, expose the organization and named individuals to fraud, identity theft, and targeted extortion, with risk of public release rising sharply once the date passes. No data, samples, or actor contact channels are reproduced here, and the volume and scope remain unverified. J&J Gaming has not publicly addressed the claim as of this post.
Dark Web InformerThreat Intelligence
