[KAZU] – Ransomware Victim: National Civil Service Commission of Colombia

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the KAZU Onion Dark Web Tor Blog page.

Ransomware group: KAZU

Victim name: NATIONAL CIVIL SERVICE COMMISSION OF COLOMBIA

AI Generated Summary of the Ransomware Leak Page

On 2025-11-10, a ransomware leak post attributed to the group KAZU identifies the National Civil Service Commission of Colombia (CNSC) as a victim. The CNSC is described as the government body responsible for overseeing recruitment, selection, and management of public servants in Colombia. The leak page frames this as a data-leak incident and claims that a substantial volume of internal CNSC data has been exfiltrated. The attackers quote a data volume of 2.9 TB across 9,252,093 files and a ransom demand of $300,000, with an expiry noted for 2025-11-26. No explicit compromise date is provided on the page, so the post date of 2025-11-10 is used as the reference point. The leak page includes two images presented as branding visuals, and it references sample data attachments intended to illustrate the exfiltration without detailing the contents here.

The page aligns with patterns seen in modern ransomware incidents, suggesting a data-leak scenario commonly associated with double-extortion tactics. The CNSC entry lists a sizable exfiltration footprint (2.9 TB and roughly 9.25 million files) and a ransom of $300,000 with a deadline of 2025-11-26. Several sample attachments accompany the post to demonstrate the breach, though the summary does not disclose specific contents. The page defangs URLs and redacts any potentially exposing contact information, consistent with CTI reporting standards, and uses neutral language to describe the incident while emphasizing the potential risk to the public-sector organization.
