Ransomware victim disclosure
← All victimsDevlion
Claimed by Fog · listed 1 year ago
Status timeline
- ListedFeb 4, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileDevlion is an Israeli educational technology company specializing in custom learning management systems (LMS), learning experience platforms (LXP), and AI-enhanced educational tools. They develop interactive content tools, analytics solutions, and mind-mapping applications for academic institutions and Israeli industry organizations, with expertise in e-learning customization and organizational learning culture implementation.
- Industry
- Educational Technology & Learning Management Systems
Attack summary
Severity: medium — Data exfiltration claimed but no proof files, screenshots, or detailed data inventory provided in the leak post. No customer PII explicitly mentioned. Company operates in education sector (lower regulatory sensitivity than finance/healthcare). Lacks operational impact evidence.Fog group claims to have extracted data from Devlion in a multi-target operation also affecting hemio.de and SOLEIL. No specific details on data types, scope, or operational impact are stated in the available post.
Data the group says was taken
AI dossier — extracted from the leak post- Business/development data
- Potentially customer project information
- Internal systems/repositories
What the group claims
Extract from Gitlabs: hemio.de, SOLEIL, Devlion
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

