Ransomware victim disclosure
← All victimsHeitech Padu Berhad
listed as www.heitech.com.my · Claimed by Devman · listed 8 months ago
Status timeline
- ListedNov 4, 2025
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- Malaysia
- Sector
- Technology
- Listed on leak site
- Nov 4, 2025
- Data size
- 60 GB
About the victim
AI dossier — public-source company profileHeitech Padu Berhad is a Malaysian technology company operating under the domain www.heitech.com.my, providing IT services and solutions, reportedly with significant exposure to Malaysian government and public-sector clients. The company is known for delivering managed services, system integration, and digital transformation projects in Malaysia. Its involvement with government contracts elevates the sensitivity of any data breach.
- Industry
- IT Services & Government Technology Solutions
Attack summary
Severity: high — 60 GB of data has reportedly been exfiltrated and published from a Malaysian IT/government technology services provider, indicating confirmed data exfiltration at significant scale; potential exposure of government-linked or sensitive business data elevates severity, though specific data categories are not confirmed.The group 'devman' claims to have exfiltrated approximately 60 GB of data from the victim and demanded a ransom of USD 500,000; the disclosure status indicates data has been published, suggesting exfiltration was carried out and data is now exposed.
Data the group says was taken
AI dossier — extracted from the leak post- Exfiltrated company data (60 GB, nature unspecified)
What the group claims
Ransom: 500k 60gb
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

