Home All Victims North Dallas Shared Ministries

North Dallas Shared Ministries

cmdorganization

This record tracks a ransomware attack claimed by the cmdorganization group against North Dallas Shared Ministries. It collects the publicly disclosed attack details — sector, location and timeline — as published on the operator's leak site and indexed by Breach House.

Window Zero

EXPOSURE GAP

Window Zero is the time the breach stayed in the open before anyone said so — the gap between when the attack was first discovered on the operator's leak site (t1) and when it was publicly disclosed (t2). The wider this window, the longer victims, staff and customers were exposed with no warning.

-72days
t1 · Published t2 · Disclosed
May 25, 2026Mar 15, 2026
Country
United States
Business Category
Education
Employees
51-100
Discovered
2026-05-25
Published
May 25, 2026
Disclosed / Notified
Mar 15, 2026
Victim ID
6qyP9a9gdOuK

Attack Summary

Now-Forward is a non-profit organization based in Dallas that provides a range of essential services such as financial aid, medical and dental care, food, clothing, and ESL classes to low-income families. Established to effectively serve the urgent needs of the community, they have been a trusted resource for over 40 years, assisting residents facing unexpected life challenges. The organization supports their mission through donations, volunteer work, and partnerships with local entities, ensuring that 96% of their funds are directed toward client services. Their extensive offerings also include tax preparation and school supply assistance, enabling families to achieve greater stability and self-sufficiency.

Leak Screenshots

SAMPLE

Proof-of-breach screenshots the operator posted from the stolen data. Previews are redacted and locked — the originals are available on HaveIBeenRansom.

file_tree.png
finance_2024.xlsx
passport_scan.jpg
contract_signed.pdf
Sign in or explore HaveIBeenRansom to view the full leak gallery.
View leak gallery →

Dark Web Exposure

Findings for ndsm.org — indexed by HaveIBeenRansom.
0
found in Infostealer logs
34+
found in Traditional breaches
3+
found in Ransomware leaks
VerificationsIO_BF.7z.011
Kedr | Forum 🪾 · breach
••• emails
pureincubation-com.7z.001
Database World ROC · breach
••• emails
Arandell Corp
medusa · ransomware
••• emails
linkedIN_2.7z.001
Database World ROC · breach
••• emails
contacts_92.csv
Database World ROC · breach
••• emails
Factual_BF.7z
B F R e p o V 3 F i l e s · breach
••• emails
Canva_BF.7z
B F R e p o V 3 F i l e s · breach
••• emails
CafePress_BF.7z
B F R e p o V 3 F i l e s · breach
••• emails
+ 9 more leak sources locked
Leak volumes are locked
Sign in to reveal how many records each source exposed and the remaining 12 sources.
Want the complete picture — passwords, machines, full leak files? It's all searchable on HaveIBeenRansom.
Search this victim →
Visit Website View Group: cmdorganization
Legal Disclaimer: This ransomware victim record reflects information published on the operator's leak site. Breach.house does not acquire, download, host, access or redistribute unlawfully obtained data. It indexes only publicly visible information posted by ransomware, breach and infostealer operators and open web sources, without accessing the underlying stolen content. The service supports public awareness, legitimate research and cyber-resilience.