ALPHV attacks The Middleton Group

Incident Date:

May 24, 2023

World map



ALPHV attacks The Middleton Group


The Middleton Group




North Charleston, USA

South Carolina, USA

First Reported

May 24, 2023

The Middleton Group Suffers Ransomware Attack

The Middleton Group, an architectural and interior design firm based in Charleston, South Carolina, has been hit with a ransomware attack. BlackCat ransomware group has claimed responsibility for the attack, posting The Middleton Group to its data leak site on May 24. In the post on its data leak site, BlackCat claims to have stolen 1.7GB of data from The Middleton Group. It is currently unclear how much money the group is demanding or how long The Middleton Group must pay to recover their stolen data. The company has not commented on the incident.

The Middleton Group is a Charleston, South Carolina based architectural and interior design firm. It was founded in 2007 by Carolina natives Laura and Blake Middleton and has gone on to win multiple awards. The company has worked on a variety of project types, including restaurants, offices, medical, hospitality, adaptive reuse, historic, and residential.

About BlackCat Ransomware

BlackCat, also known as ALPHV, is a ransomware operation that first surfaced in November 2021. It is a possible rebrand of the DarkSide ransomware gang, which was responsible for the infamous Colonial Pipeline incident in 2021. BlackCat is somewhat of a pioneer in ransomware circles, hosting their data leak site on the public internet rather than the dark web.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.