Ransomware victim disclosure
← All victimsisurges.com
Claimed by Funksec · listed 1 year ago
Status timeline
- ListedFeb 28, 2025
- Data leakeddate unknown
At a glance
- Group
- Funksec
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Feb 28, 2025
About the victim
AI dossier — public-source company profileisurges.com appears to be a government system (likely U.S. Department of Health and Human Services based on the login banner reference to HHS). The site hosts a Laravel-based authentication portal with federal system access warnings and monitoring disclaimers.
- Industry
- Government / Healthcare (likely HHS)
Attack summary
Severity: critical — Access credentials to a U.S. federal government system (HHS) represent critical compromise. Exfiltration of authentication materials to federal infrastructure poses significant national security and operational risk. Federal system compromise is inherently critical regardless of proof publication status.Funksec claims to have encrypted the victim's network and exfiltrated credentials and 'networks secret credentials'. The group threatens to leak these materials after the March 1, 2025 deadline if ransom negotiations fail.
Data the group says was taken
AI dossier — extracted from the leak post- network credentials
- admin credentials
- system access credentials
What the group claims
hello this victims , you have from today to 3/1/2025 to nigotable and receive the decryptor. mr J.A. Street, P.E. from company : jastreet.com - mr admin from company : isurges.com. we will leak networks secret crenditals after this time , and no nigotable
Sources
- Victim siteisurges.com
- Leak posthttp://funksec.top/BTES-isurges
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

