Ransomware victim disclosure
← All victimsKansallinen audiovisuaalinen instituutti (KAVI)
listed as kavi.fi · Claimed by Devman · listed 7 months ago
Status timeline
- ListedDec 25, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileKansallinen audiovisuaalinen instituutti (KAVI), or the National Audiovisual Institute, is a Finnish government agency responsible for promoting audiovisual culture, media education, and regulating media content in Finland. It operates under the Finnish Ministry of Education and Culture and maintains national film and television archives. As a public-sector body, it handles data related to employees, regulated entities, and cultural heritage.
- Industry
- Government Cultural & Media Regulation
Attack summary
Severity: high — KAVI is a Finnish government agency; confirmed exfiltration and publication of HR data constitutes a breach of employee PII (a regulated category under GDPR) at a public-sector institution, warranting a high severity rating.The group 'devman' claims to have exfiltrated HR data from KAVI and has published the data (disclosed status: data_published). No ransom amount was stated and no encryption claim was explicitly made.
Data the group says was taken
AI dossier — extracted from the leak post- HR data
What the group claims
HR data
Sources
- Victim sitekavi.fi
- Leak posthttp://devmanblggk7ddrtqj3tsocnayow3bwnozab2s4yhv4shpv6ueitjzid.onion
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

