Ransomware group moneymessage hits Envision Unlimited
Envision Unlimited — a not found target has been listed by the moneymessage ransomware group on 2026-07-09. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Envision Unlimited |
|---|---|
| Threat Group | moneymessage |
| Summary | [AI generated] Envision Unlimited is a nonprofit human services organization based in the United States, primarily operating in Illinois. Founded in Chicago, it provides support services for individuals with intellectual and developmental disabilities. Its programs include residential services, day programs, employment support, and behavioral health services, aimed at promoting independence, inclusion, and quality of life for the people it serves. |
| Date of Breach | 2026-07-09 |
| Discovery Date | 2026-07-09 |
| Region | — |
| Target Domain | — |
| Business Sector | Not Found |
| Severity | MEDIUM |
Claim by moneymessage
[AI generated] Envision Unlimited is a nonprofit human services organization based in the United States, primarily operating in Illinois. Founded in Chicago, it provides support services for individuals with intellectual and developmental disabilities. Its programs include residential services, day programs, employment support, and behavioral health services, aimed at promoting independence, inclusion, and quality of life for the people it serves.
Posted by the moneymessage threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Leak post (onion / Tor)
http://blogvl7tjyjvsfthobttze52w36wwiz34hrfcmorgvdzb6hikucb7aqd.onion/news.php?id=1
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

