Ransomware victim disclosure
← All victimsAquamaná E.S.P.
listed as aquamanaesp.gov.co · Claimed by Funksec · listed 1 year ago
Status timeline
- ListedJan 17, 2025
- Data leakeddate unknown
At a glance
- Group
- Funksec
- Status
- Data leaked
- Country
- Colombia
- Sector
- Government
- Listed on leak site
- Jan 17, 2025
About the victim
AI dossier — public-source company profileAquamaná E.S.P. is a Colombian water utility company providing potable water and sewerage services to approximately 18,500 households. Operating for over 20 years, the company manages two water treatment plants and also provides ancillary services including pure water production, street cleaning, and public area maintenance in what appears to be the Villamaría region.
- Industry
- Water Utilities & Sanitation Services
Attack summary
Severity: medium — Data published by a known ransomware group against a government-operated utility serving ~18,500 households represents meaningful exposure of customer/operational data. However, no specific proof files are advertised, no sensitive regulated data categories are explicitly confirmed, and operational disruption is not stated.The ransomware group funksec claims to have compromised Aquamaná E.S.P.'s systems and published data. No specific details are provided about the nature of the intrusion, data exfiltrated, or encryption deployed.
Data the group says was taken
AI dossier — extracted from the leak post- Customer records
- Financial information
- Operational/administrative data
Original description
AI-summarised, not from the leak post"Aquamanaesp.gov.co" appears to be a governmental entity involved in the management of water resources. Information about this company is limited, so its precise role or function is unclear. It may relate to supervising water quality, preserving natural water sources, or distributing water services to communities. Please verify from a reliable source since this site could not be found directly in a search.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

