Ransomware victim disclosure
← All victimsCÂNCER
listed as C*NC*R · Claimed by Devman · listed 7 months ago
Status timeline
- ListedDec 11, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileBased on the masked victim name 'C*NC*R' and the domain pattern c*nc*r.o*g.** (consistent with a .org domain in Brazil), the organization appears to be a Brazilian non-profit or association related to cancer — likely a cancer research institute, patient advocacy group, or oncology-related charity. No public site content was available to confirm further details.
- Industry
- Non-profit / Cancer Research or Patient Support
Attack summary
Severity: high — Data has been published (not merely threatened), and the exfiltrated data includes client PII and financial records from what appears to be a non-profit organization, potentially exposing sensitive donor, patient, or beneficiary information. If the organization handles patient data, severity could reach critical, but without confirmation of medical records, high is the appropriate classification.The group 'devman' claims to have exfiltrated financial data and client data from the organization, with the disclosure status listed as data_published, indicating the stolen data has already been released or made available.
Data the group says was taken
AI dossier — extracted from the leak post- Financial data
- Client data
What the group claims
Financial data, clients data
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

