RansomwareUnknownMarch 2, 2025

Couri Insurance Agency ransomware attack (Play, 2025)

Couri Insurance Agency was named on the Play ransomware data-leak (extortion) site on 2025-03-02.

Victim: Couri Insurance Agency

Threat actorPlay

Imported from ransomwatch — pending editorial review. Machine-extracted from ransomware leak-site monitoring.

On 2025-03-02, Couri Insurance Agency was listed as a victim on the Play ransomware group's data-leak (extortion) site, indicating a ransomware attack with threatened or actual publication of stolen data.

Sources

ransomware.livehttps://www.ransomware.live/
github.comhttps://github.com/joshhighet/ransomwatch

Related incidents

RansomwareUnknownJune 16, 2025

Jasper Products ransomware attack (Play, 2025)

Jasper Products was named on the Play ransomware data-leak (extortion) site on 2025-06-16.

Victim: Jasper Products

RansomwareUnknownJune 16, 2025

NF Stroth & Associates ransomware attack (Play, 2025)

NF Stroth & Associates was named on the Play ransomware data-leak (extortion) site on 2025-06-16.

Victim: NF Stroth & Associates

RansomwareUnknownJune 15, 2025

S&H Express ransomware attack (Play, 2025)

S&H Express was named on the Play ransomware data-leak (extortion) site on 2025-06-15.

Victim: S&H Express

RansomwareUnknownJune 14, 2025

NPD Products ransomware attack (Play, 2025)

NPD Products was named on the Play ransomware data-leak (extortion) site on 2025-06-14.

Victim: NPD Products