Ransomware group devman hits tiw-group.com
tiw-group.com — a technology target operating in SJ has been listed by the devman ransomware group on 2026-01-28. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | tiw-group.com |
|---|---|
| Threat Group | devman |
| Summary | [AI generated] TIW Group is a specialist software firm with over 30 years of experience in developing solutions for the insurance industry. Their flagship product, ALIS, provides end-to-end solutions for life insurance and annuity processing. Additionally, they provide business process automation, legacy modernization, and risk compliance management services. Their digital solutions help businesses to streamline operations and improve business efficiency. |
| Date of Breach | 2026-01-28 |
| Discovery Date | 2026-01-28 |
| Region | SJ |
| Target Domain | tiw-group.com |
| Business Sector | Technology |
| Severity | MEDIUM |
Claim by devman
[AI generated] TIW Group is a specialist software firm with over 30 years of experience in developing solutions for the insurance industry. Their flagship product, ALIS, provides end-to-end solutions for life insurance and annuity processing. Additionally, they provide business process automation, legacy modernization, and risk compliance management services. Their digital solutions help businesses to streamline operations and improve business efficiency.
Posted by the devman threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
tiw-group.com
Leak post (onion / Tor)
http://devmanblggk7ddrtqj3tsocnayow3bwnozab2s4yhv4shpv6ueitjzid.onion
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.