Ransomware victim disclosure
← All victimsIntonu
listed as Intonu.com · Claimed by Devman · listed 7 months ago
Status timeline
- ListedDec 28, 2025
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Dec 28, 2025
About the victim
AI dossier — public-source company profileIntonu.com is a U.S.-based company whose specific operations and industry could not be determined from available public sources. The domain appears to be associated with a small or low-profile organization. No further verifiable details about its scale or services are available.
Attack summary
Severity: high — Data is stated as published (not just threatened), and the exfiltrated data includes financial records, HR documents, and claims — categories that likely contain employee PII and sensitive business/financial information, constituting confirmed exfiltration of significant business and potentially regulated data.The group 'devman' claims to have exfiltrated financial records, HR documents, and claims data from Intonu.com, with the disclosure status marked as data_published.
Data the group says was taken
AI dossier — extracted from the leak post- Financial documents
- HR documents
- Claims records
What the group claims
Financial, Hr documents, claims
Sources
- Victim siteIntonu.com
- Leak posthttp://devmanblggk7ddrtqj3tsocnayow3bwnozab2s4yhv4shpv6ueitjzid.onion
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

