Ransomware: dragonforce claims LeRoy Surveyors & Engineers (US) — Business Services

On 15 May 2026, the ransomware group Dragonforce claimed responsibility for a data breach targeting LeRoy Surveyors & Engineers, a US-based firm in the business services sector. The claim was published on the ransomware.live leak site, which is monitored under the BREACH framework for tracking extortion events. While the specific data exfiltrated has not been fully detailed, such incidents typically involve client records, project files, and operational data.

This event primarily affects organizations in the engineering, surveying, and broader professional services sectors, particularly those handling sensitive client or infrastructure data. US-based firms with similar risk profiles should consider this a warning, as ransomware groups often target smaller service providers with weaker cybersecurity postures. The breach may also have downstream implications for clients whose data was held by the victim.

Compliance teams should immediately verify whether their organization or any third-party vendors have data shared with LeRoy Surveyors & Engineers. Review incident response plans to ensure they cover ransomware extortion scenarios, including communication protocols with regulators and affected parties. Additionally, reinforce employee training on phishing and credential theft, as these are common initial access vectors for groups like Dragonforce. Finally, assess current backup and recovery procedures to ensure they are isolated and testable.