Ransomware victim disclosure
← All victimsGeneral Department of Information (អគ្គនាយកដ្ឋានអត្តសញ្ញាណកម្ម)
listed as news.gdi.gov.kh · Claimed by Funksec · listed 2 years ago
Status timeline
- ListedDec 21, 2024
- Data leakeddate unknown
At a glance
- Group
- Funksec
- Status
- Data leaked
- Country
- Cambodia
- Sector
- Government
- Listed on leak site
- Dec 21, 2024
About the victim
AI dossier — public-source company profileThe General Department of Information (GDI) is a Cambodian government agency responsible for identity management, national identification systems, and official government communications. The news.gdi.gov.kh portal disseminates official news, policies, and national events to the public as part of the Ministry of Interior's mandate.
- Industry
- Government & Public Administration
- Address
- Phnom Penh, Cambodia
Attack summary
Severity: high — This is a confirmed breach of a government agency responsible for identity and administrative functions in Cambodia, a Southeast Asian nation. Compromise of identity management infrastructure poses operational and security risks despite lack of published proof or data samples in the leak post.The ransomware group funksec claims to have compromised the news.gdi.gov.kh portal. The group's post provides minimal detail on whether data was exfiltrated, encrypted, or both, and does not specify what information was accessed.
Data the group says was taken
AI dossier — extracted from the leak post- Government news and communications
- Identity management system data
- Official government announcements
Original description
AI-summarised, not from the leak postThe company "news.gdi.gov.kh" appears to be associated with a government news portal in Cambodia, likely providing official news and information. As part of the General Department of Information, it disseminates updates on governmental activities, policies, and national events, aiming to inform the public and maintain transparency. The platform serves as a key communication tool for the Cambodian government.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

