Ransomware victim disclosure
← All victimsHopital ** *****
Claimed by Devman · listed 7 months ago
Status timeline
- ListedDec 11, 2025
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- Tunisia
- Sector
- Healthcare
- Listed on leak site
- Dec 11, 2025
About the victim
AI dossier — public-source company profileThe victim is a hospital located in Tunisia (country code TN), indicated by the redacted name 'Hopital ** *****' and the sector classification of Healthcare. The clearnet domain pattern (*h*l*r*b*a.tn) suggests a Tunisian hospital website, but no further details about scale or specific services are available from the provided data.
- Industry
- Healthcare – Hospital Services
Attack summary
Severity: high — The victim is a hospital (healthcare sector), and the status is 'data_published', indicating actual data has been released. Hospital data typically contains regulated PII and medical records; even without full confirmation of the data types, a published breach against a healthcare institution warrants at minimum 'high' severity.The group 'devman' claims to have compromised the hospital and has published data (disclosed status: data_published), though no specific details about encryption, exfiltration methods, or the nature of the published data are captured in the leak post.
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

