Ransomware group claims attack on Els for Autism Foundation

A criminal group called cmdorganization has listed the Florida-based autism charity on a dark-web extortion site. The foundation has not confirmed any incident, and the claim could not be independently verified.

ThreatVectr Newsdesk· 3 min read
A close-up, editorial-style photograph of a illuminated server room corridor at night, shot in 16:9 framing
Share

Key points

  • Criminal group cmdorganization listed Els for Autism Foundation on its dark-web leak site on 12 July 2026.
  • The listing was first observed by Ransomware.live, a service that monitors extortion sites run by criminal groups.
  • Els for Autism Foundation, based in Jupiter, Florida, serves adults and children with autism spectrum disorder.
  • The foundation has not publicly confirmed any breach, and the claim could not be independently verified at publication time.
  • Ransomware groups run these listings to pressure victims into paying, and claims are sometimes exaggerated or false.

A ransomware group calling itself cmdorganization has named Els for Autism Foundation on its dark-web extortion site, claiming to have attacked the Jupiter, Florida charity that provides programs and support for people with autism spectrum disorder.

Ransomware is malicious software that breaks into an organisation's systems, often steals data, and then demands payment. Groups typically post their victims on so-called leak sites, hidden websites on the dark web, to publicly pressure them into paying before any stolen files are published. The listing was first observed on 12 July 2026 by Ransomware.live, a monitoring service that tracks these sites.

Should people connected to Els for Autism be worried?

Not necessarily, but they should pay close attention. The claim has not been confirmed by the foundation, and it is worth knowing that ransomware groups sometimes exaggerate or even fabricate listings to create pressure. Nothing in this story establishes that a breach actually occurred.

What the group's post does include is a general description of the organisation and its work. Criminals who research a target often collect exactly the kind of information that makes a convincing scam message. That is the practical risk right now.

If you are a donor, family member, staff member, or person who uses the foundation's services, here is what sensible caution looks like while the situation is unconfirmed.

Watch for phishing emails, which are fake messages designed to look like they come from a trusted source. Criminals sometimes send these right after a listing goes public, using the news as a hook. An email claiming to offer "breach compensation" or asking you to "verify your account" is almost certainly a scam.

Do not reuse passwords. If you have an account with Els for Autism and you use the same password anywhere else, change it on those other sites now. A password manager makes this straightforward.

Be cautious about unexpected phone calls. Scammers occasionally pose as breach-response services and ask for personal details or payment. No legitimate organisation will cold-call you to ask for payment following a data incident.

The foundation itself has released no public statement, and Threat Vectr has seen no regulatory filing or official confirmation as of publication. If that changes, we will update this article.

© 2026 Threat Vectr