Ira & Larry Goldberg Coins & Collectibles Listed as Ransomware Victim by Emerging Threat Actor CMDORGANIZATION

Ira & Larry Goldberg Coins & Collectibles, a U.S.-based rare coins and collectibles dealer, has been added to the victim list of a ransomware group operating under the designation CMDORGANIZATION. The company's inclusion in the dark web leak site associated with this actor was identified through open-source intelligence monitoring, signaling that the business may have fallen prey to a ransomware attack or data exfiltration attempt.

The CMDORGANIZATION group represents an emerging actor in the ransomware ecosystem, with its operations tracked by threat intelligence platforms that monitor dark web infrastructure. Details regarding the scope of the alleged attack—including whether data was encrypted, exfiltrated, or a ransom demand issued—remain limited at this stage. RedPacket Security, a threat intelligence source, documented the listing as part of ongoing tracking of ransomware victim disclosures across dark web channels.

The targeting of a numismatic and collectibles retailer raises questions about the group's selection criteria, as这类 businesses typically hold sensitive customer transaction records and inventory data. While the full extent of the compromise is not yet confirmed, the mere presence on a ransomware leak site indicates potential data exposure that could affect both the company and its customers. Organizations in the collectibles and high-value goods sector should monitor for related activity and ensure defensive measures are current.