This is an update to our earlier report on DEVMan ransomware demanding a $2.27 million ransom from an Egyptian government entity. It has now been confirmed that the target is the Egyptian Electricity Holding Company (EEHC), accessible via eehc.gov.eg.
According to the latest listing on DEVMan’s leak site, the group claims to have exfiltrated 58GB of data, with a countdown timer already expired, typically a sign that stolen files are either being published in stages or are available to potential buyers.
The EEHC, Egypt’s primary electricity agency, plays a critical role in managing power distribution across the country. This makes the breach especially concerning, not just from a data privacy angle but also for potential operational or national infrastructure implications.
As of now, DEVMan continues to advertise the stolen data with a “View Files” link, intensifying pressure on the agency to pay the hefty ransom. This incident highlights how ransomware groups are increasingly targeting critical government services in Africa, capitalizing on their strategic importance to secure substantial payouts.
Read our initial post of the DEVMan ransomware attack on Egypt here