everest attacks Centro Hospitalar de Setúbal

Incident Date:

March 7, 2022

World map



everest attacks Centro Hospitalar de Setúbal


Centro Hospitalar de Setúbal




Castelo Branco, Portugal

Setúbal, Portugal

First Reported

March 7, 2022

Centro Hospitalar de Setúbal Targeted by Everest Ransomware Group

About Centro Hospitalar de Setúbal

Centro Hospitalar de Setúbal is a healthcare services provider that operates in the Healthcare Services sector. The organization's website provides information on various services, including notices, urgent care, consultations, clinical services, pharmacies, and more.

Size and Vulnerabilities

The size of Centro Hospitalar de Setúbal is not explicitly mentioned in search results. However, the healthcare industry is a significant target for ransomware attacks, with organizations often targeted for their sensitive data and the potential for significant financial losses.

Everest Ransomware Group

The Everest Ransomware Group has been active since at least December 2020 and has gone through various iterations, initially focusing on data exfiltration, then becoming a ransomware operator, and now increasingly acting as an Initial Access Broker (IAB). The group targets organizations across various industries and regions, with a particular concentration in the Americas and capital goods, health, and the public sector.

Ransomware Attack and Initial Access Brokerage

Everest has been observed acting as an IAB since November 2021, with its activity increasing in recent months. The group frequently deletes its advertisements from its leak site, which can make it difficult for other security professionals to track its activity.

Motivations for Becoming an IAB

The Everest Ransomware Group's motivations for becoming an IAB are not fully understood but have been speculated to include evading law enforcement, a loss of personnel, or using IAB as a different monetization tactic.

Targeting Corporate Insiders

In addition to its ransomware and IAB activities, Everest has also been targeting corporate insiders, offering them a "good percentage" of the profits generated from successful attacks in exchange for remote access to organizations based in the US, Canada, and Europe.

The Centro Hospitalar de Setúbal has been targeted by the Everest Ransomware Group, which has been increasingly acting as an IAB. The healthcare sector remains a top target for ransomware attacks, and organizations must remain vigilant to protect against such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.