hiveleak attacks Tbilisi State Medical University

Incident Date:

September 26, 2022

World map



hiveleak attacks Tbilisi State Medical University


Tbilisi State Medical University




Tbilisi, Georgia

Tbilisi, Georgia

First Reported

September 26, 2022

Tbilisi State Medical University Suffers Ransomware Attack

Tbilisi State Medical University (TSMU) has recently become a target of the ransomware group HiveLeak, an incident that was confirmed on their dark web leak site. As a pivotal institution in the Education sector with a significant footprint in the medical field, TSMU offers a diverse array of academic programs and research opportunities, contributing profoundly to medical education and research.

With its esteemed history and strong reputation, TSMU has been instrumental in producing graduates who have significantly impacted the medical field globally. The university prides itself on its commitment to academic excellence and its comprehensive educational approach, aimed at equipping students for successful careers in medicine.

However, the recent attack by HiveLeak has exposed vulnerabilities within TSMU's cybersecurity defenses, underscoring the critical need for the university to enhance its protective measures. This is essential not only for safeguarding its digital assets but also for preserving the trust and confidence of its students, faculty, and the broader community.

While the exact size of TSMU is not detailed, its description as a substantial entity with extensive academic and research offerings indicates the potential scale of impact such cyber threats could have on its operational quality.

The incident at TSMU is reflective of a larger pattern of cyber threats aimed at healthcare and educational institutions. These sectors are frequently targeted by cybercriminals due to the sensitive nature of their data and the significant disruptions that can be caused by such attacks. This highlights the paramount importance of implementing robust cybersecurity measures to mitigate risks and protect against future threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.