The Salvation Army
The Salvation Army
Group: Chaos
Discovered by ransomware.live: 2025-05-27
Estimated attack date: 2025-05-27
Country:
Data exfiltrated: 0 GB
Description:
Data will be released soon. The Salvation Army, established in 1865, has been offering an array of social services that range from providing food for the hungry, relief for disaster victims, assistance for the disabled, outreach to the elderly and ill, clothing and shelter to the homeless and opportunities for underprivileged children.
Compromised Employees: 28
Compromised Users: 47
Third Party Employee Credentials: 101
External Attack Surface: 67
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
- domain.operations@web.com
- salvationarmy-org.mail.protection.outlook.com.
- google-site-verification=ECzXYgOFSK0pAPUtGWuc2-2u2HcMWQ_Q7M9vc6idsi0
- google-site-verification=clLt0PHs8uQqg5awiWrkmEAl4_JqGS29B0Mbv61Lbo0\010
- atlassian-domain-verification=BQGMs65JUYMSeca9j7m0YaCI7ADAc0z65wvs/Jl7S1GqgmJqPkKrFo9Ow4VD7rWp
- v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email include:spf.protection.outlook.com -all
- k4lnu6r9rir1dql12bejjtc3v4b
- klaviyo-site-verification=XvRtQ5
- facebook-domain-verification=qpbyy2h02qitacy9gdl1cwdvmjauze
- google-site-verification=6Pa6tO2EjM20xypqFTsAv0KGcRK2Y93CY2FRVScc0g4
Leak Screenshot:
Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.