Ransomware victim disclosure
← All victimsMinistry of Public Health Lebanon
listed as moph.gov.lb · Claimed by Funksec · listed 2 years ago
Status timeline
- ListedDec 30, 2024
- Data leakeddate unknown
At a glance
- Group
- Funksec
- Status
- Data leaked
- Country
- Lebanon
- Sector
- Healthcare
- Listed on leak site
- Dec 30, 2024
About the victim
AI dossier — public-source company profileThe Ministry of Public Health (وزارة الصحّة العامة) is Lebanon's governmental body responsible for public health policy, healthcare services regulation, and health program administration. It oversees hospitals, healthcare facilities, and provides public health services to the Lebanese population.
- Industry
- Government Healthcare & Public Health Administration
- Address
- Beirut, Lebanon
Attack summary
Severity: high — Compromise of a national government healthcare ministry represents critical infrastructure with access to sensitive medical data, patient records, and health system operations. Government sector + healthcare = high severity even without explicit proof details.The funksec group claims to have compromised the Ministry of Public Health Lebanon's systems and published data. The post does not specify whether data was exfiltrated, encrypted, or both, nor detail the scope of compromised information.
Data the group says was taken
AI dossier — extracted from the leak post- Government health records
- Healthcare facility data
- Public health administrative files
- Physician/healthcare worker records
Original description
AI-summarised, not from the leak postThe company "moph.gov.lb" refers to the Ministry of Public Health in Lebanon. It is a governmental body responsible for public health policy, healthcare services, and health regulations in Lebanon. The ministry oversees hospitals, healthcare facilities, and public health programs, aiming to improve health standards and provide accessible healthcare to the Lebanese population.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

