The filing recounts how Towne later notified customers of a security issue. In a letter dated around November 13, 2025, Towne reportedly told customers it had identified “unusual activity indicating potential unauthorized access” to its network. The letter explained that, after bringing in external cybersecurity professionals and conducting “extensive forensic investigation and manual document review,” Towne determined on October 14, 2025, that certain personal information “may have been included within the impacted data that may have been copied” from its network as a result of an incident on June 7, 2025.
Barnette goes on to allege that, at the time of the incident, affected information was accessible, unencrypted, unprotected and vulnerable to acquisition and exfiltration. The filing also points to outside reports claiming that the BlackByte threat actor was behind the attack, allegedly disrupting Towne’s operations and demanding a ransom while warning that “the full leak will be published soon, unless a company representative contacts us via the channels provided.”
From there, the case focuses on what Barnette says about Towne’s overall approach to information security. He claims Towne intentionally, willfully, recklessly and/or negligently failed to implement reasonable safeguards, even though it routinely collects what the filing calls “unique and highly sensitive” data. Barnette asserts that, because of the nature of the information it holds, Towne knew or reasonably
Towne Park cybersecurity rating report: https://www.rankiteo.com/company/towne-park
"id": "TOW1764793572",
"linkid": "towne-park",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Multiple',
'industry': None,
'location': None,
'name': 'Towne',
'size': None,
'type': 'Company'}],
'customer_advisories': 'Notification letter sent on November 13, '
'2025',
'data_breach': {'data_encryption': 'No',
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Highly sensitive',
'type_of_data_compromised': 'Personal '
'information'},
'date_detected': '2025-11-13',
'date_publicly_disclosed': '2025-11-13',
'description': 'Towne notified customers of a security issue '
'involving unauthorized access to its network. '
'External cybersecurity professionals conducted a '
'forensic investigation and determined that '
'personal information may have been copied from '
'its network due to an incident on June 7, 2025. '
'The BlackByte threat actor was allegedly behind '
'the attack, disrupting operations and demanding '
'a ransom.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personal information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': 'Disrupted operations',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Completed (forensic investigation)',
'motivation': 'Financial gain, Data exfiltration',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': 'Failure to implement '
'reasonable '
'safeguards, '
'unencrypted and '
'unprotected data'},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Yes',
'ransom_demanded': 'Yes',
'ransom_paid': None,
'ransomware_strain': 'BlackByte'},
'references': [{'date_accessed': None,
'source': 'Customer notification letter',
'url': None},
{'date_accessed': None,
'source': "Barnette's legal filing",
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': 'Lawsuit filed by '
'Barnette',
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Customer notification '
'letter dated November '
'13, 2025',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': 'External cybersecurity '
'professionals'},
'threat_actor': 'BlackByte',
'title': 'Towne Security Incident and Data Breach',
'type': 'Data Breach, Ransomware',
'vulnerability_exploited': 'Unencrypted and unprotected data '
'accessible on the network'}