Ransomware victim disclosure
← All victimsForestry Department of Jamaica
listed as forestry.gov.jm · Claimed by Devman · listed 9 months ago
Status timeline
- ListedOct 10, 2025
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- Jamaica
- Sector
- Public Sector
- Listed on leak site
- Oct 10, 2025
About the victim
AI dossier — public-source company profileThe Forestry Department of Jamaica is the Government of Jamaica's lead agency responsible for the management, protection, and conservation of the country's forest resources. It oversees approximately 117,000 hectares of forests across the island and administers permits, licences, GIS services, and national reforestation initiatives. The department is headquartered at 173 Constant Spring Road, Kingston 8.
- Industry
- Government Forest Management & Conservation
- Address
- 173 Constant Spring Rd, Kingston 8, Jamaica
Attack summary
Severity: high — The victim is a government agency and data has been published (confirmed exfiltration), which constitutes a significant breach of a public-sector entity. While the specific data categories are not enumerated in the post, government operational data, permit/licence records, and potential PII of staff and applicants elevate the severity to high.The group 'devman' claims to have attacked the Forestry Department of Jamaica and has published data (disclosed status: data_published), demanding a ransom of USD 200,000. The leak post is sparse, but the data_published status indicates exfiltration and public release of departmental data.
Data the group says was taken
AI dossier — extracted from the leak post- Government agency files
- Internal departmental documents
- Permits and licences records
- GIS data
- Contact and personnel information
What the group claims
Ransom: 200000 USD
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

