[SAFEPAY] – Ransomware Victim: bisa[.]com[.]pe
![[SAFEPAY] - Ransomware Victim: bisa[.]com[.]pe 1 image](https://www.redpacketsecurity.com/wp-content/uploads/2024/09/image.png)
Ransomware Group: SAFEPAY
VICTIM NAME: bisa[.]com[.]pe
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The leak page pertains to a ransomware incident affecting a Peruvian environmental consulting company. The attack was discovered on July 22, 2025, and involved the breach of the organization’s online systems. The victim, identified by its domain bisa.com.pe, primarily serves clients in the mining sector, offering services related to environmental impact assessments, soil studies, and water management. The leaked data indicates that sensitive information related to company operations and personnel may have been compromised. The attacker group behind the breach is identified as “safepay,” which is possibly linked to other threat actors engaging in data extortion activities. The leak includes a screenshot of internal data or communications, highlighting the severity of the breach.
Technical details suggest that various info-stealer tools such as Lumma, Raccoon, RedLine, StealC, and Vidar were used or involved in the attack, with evidence pointing to multiple third-party data breaches. The leak might also contain downloadable files or data dumps, although specific details are not provided publicly. The compromised data includes information related to the company’s employees and external users. The incident underscores the growing threat landscape targeting environmental and consulting firms, emphasizing the importance of cybersecurity measures to prevent such attacks. The breach’s impact could involve exposure of operational details, client information, and internal communications.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.