Ransomware victim disclosure
← All victims****t*lc*a*tpm.com
Claimed by Devman · listed 6 months ago
Status timeline
- ListedJan 12, 2026
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- Svalbard & Jan Mayen
- Listed on leak site
- Jan 12, 2026
About the victim
AI dossier — public-source company profileThe victim appears to be a healthcare or medical practice entity, inferred from the domain pattern and the reference to 'patients data' in the leak post. The domain suggests a telehealth or outpatient care provider. No public site content was available to confirm specific operations or location.
- Industry
- Healthcare / Medical Practice
Attack summary
Severity: critical — The post explicitly claims exfiltration and publication of patient data (regulated health information) alongside financial and HR records, constituting a breach of sensitive PII and likely HIPAA-covered data at a healthcare entity.The group 'devman' claims to have exfiltrated financial records, patient data, and HR data from the victim, with the disclosure status marked as data_published, indicating the stolen data has been released.
Data the group says was taken
AI dossier — extracted from the leak post- Financial records
- Patient data
- HR data
What the group claims
Financial, patients data, HR data
Sources
Source
Indexed 6 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

