[SAFEPAY] – Ransomware Victim: dossenterprises[.]com

image

Ransomware Group: SAFEPAY

VICTIM NAME: dossenterprises[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.


AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to the construction company identified as DOSS Enterprises, based in the United States. The attack was confirmed on July 1, 2025, with the incident being publicly disclosed within minutes of discovery. No specific details about the data compromised are provided on the leak page, but visual evidence indicates the presence of screenshots that likely include internal documents or sensitive information. The group’s name associated with this attack is “Safepay,” suggesting the involvement of a threat actor operating under that alias. The leak may include data or information that the attacker claims to have obtained during the breach, but explicit contents or datasets are not openly detailed on the page.

The leak page features a link to a closed, onion-based portal where further details or interactions might be available. Although no personal or employee-specific data appears to be targeted—indicated by the zero count of employees and users involved—potential confidential information from the company’s operations or internal communications could be at risk. The included screenshot provides visual evidence of the breach’s scope and the attacker’s claims. No additional press releases or public statements are associated with this attack, suggesting that the disclosure is primarily contained to the leak site itself. The attack on DOSS Enterprises highlights the ongoing threat of cyber extortion within the construction sector, emphasizing the importance of robust cybersecurity defenses.


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.