Hospital Escultural Faces Data Breach from Qiulong Ransomware Attack

Incident Date:

April 27, 2024

World map



Hospital Escultural Faces Data Breach from Qiulong Ransomware Attack


Hospital Escultural




Goiania, Brazil

, Brazil

First Reported

April 27, 2024

Ransomware Attack on Hospital Escultural by Qiulong Group

Overview of the Attack

On April 26, 2024, Hospital Escultural, a renowned Brazilian plastic surgery center, became the target of a ransomware attack by the cybercriminal group Qiulong. The attackers encrypted and exfiltrated approximately 50 GB of critical data, including highly sensitive patient images, personal information, financial records, and internal communications.

About Hospital Escultural

Hospital Escultural is a prominent medical facility in Brazil, specializing in cosmetic surgery and personal transformation. The hospital is known for its unique approach that blends art and science, spearheaded by founders Dr. Eder Damacena and Dr. Eisenhower Damascena. This institution stands out in its industry due to its focus on 'Naturalmente Mais Bela,' a philosophy aimed at enhancing both the physical and spiritual aspects of its patients.

The hospital employs advanced technology and personalized treatment plans, making it a leader in its field. Their high-profile status and the sensitive nature of the data it handles make it an attractive target for cybercriminals.

Details of the Cyber Attack

The Qiulong ransomware group, known for its sophisticated attacks primarily in Latin America, used known valid accounts and vulnerabilities in network security to gain access to the hospital's systems.

The stolen data includes not only personal and financial information but also sensitive images of patients, which poses a significant risk of reputational damage and legal issues for Hospital Escultural.

Implications for Hospital Escultural

The breach has severe implications for patient privacy, trust, and the overall security posture of Hospital Escultural. The exposure of sensitive patient data could lead to significant legal repercussions and damage to the hospital's reputation, which prides itself on safety and confidentiality.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.