Ransomware victim disclosure
← All victimsf***i*.o*g
Claimed by Devman · listed 7 months ago
Status timeline
- ListedDec 7, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileThe victim appears to be a French organization with a domain matching the pattern f***i*.o*g, suggesting it may be a non-profit, foundation, or governmental body (the '.org' TLD pattern). Insufficient public information is available to describe the company's operations or scale with confidence.
Attack summary
Severity: critical — The claimed data includes medical records (regulated health data) and HR documents (PII), alongside financial records. The combination of medical/health data with personal HR information constitutes regulated sensitive data exposure, warranting a critical classification regardless of scale.The group 'devman' claims to have exfiltrated financial records, medical cards, and HR documents from the victim, with the disclosure status marked as data_published, indicating the data has been released.
Data the group says was taken
AI dossier — extracted from the leak post- Financial records
- Medical cards
- HR documents
What the group claims
Financial Records, Med cards, Hr documents
Sources
- Victim sitef***i*.o*g
- Leak posthttp://devmanblggk7ddrtqj3tsocnayow3bwnozab2s4yhv4shpv6ueitjzid.onion
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

