Ransomcortex Ransomware Hits Policlínica Dona Anita: 30GB Data Compromised

Incident Date:

July 12, 2024

World map

Overview

Title

Ransomcortex Ransomware Hits Policlínica Dona Anita: 30GB Data Compromised

Victim

Policlinica Dona Anita

Attacker

Ransomcortex

Location

Araucária, Brazil

, Brazil

First Reported

July 12, 2024

Ransomcortex Ransomware Attack on Policlínica Dona Anita

Overview of Policlínica Dona Anita

Policlínica Dona Anita, located in Araucária, Paraná, Brazil, is a comprehensive healthcare facility that has been serving the community since 2010. The clinic offers a wide range of medical services across various specialties, including cardiology, gynecology, orthopedics, and more. The clinic operates with a team of specialized professionals committed to providing personalized treatment options. It is open seven days a week and accepts both insurance and private payments, making it accessible to a broad range of patients.

Details of the Ransomware Attack

On July 11, 2024, Policlínica Dona Anita fell victim to a ransomware attack executed by the threat actor known as Ransomcortex. During the incident, approximately 30GB of sensitive data, including medical guides and patient information in PDF format, was compromised. The specifics of the leaked data and the extent of the disruption to the clinic's operations remain unclear. The clinic's website was mentioned in the attack details, suggesting it might have been a point of compromise.

About Ransomcortex

Ransomcortex is a ransomware group that exclusively targets healthcare facilities, recognizing the high value of healthcare data. The group exploits stolen data for financial fraud, extortion, and selling personal medical information on online black markets. They actively recruit individuals for various roles, including making ransom payments and gathering intelligence. Ransomcortex operates purely for financial gain and does not offer Ransomware as a Service (RaaS), instead using third-party encryption software.

Potential Vulnerabilities

Healthcare facilities like Policlínica Dona Anita are particularly vulnerable to ransomware attacks due to the sensitive nature of the data they handle. The clinic's extensive range of services and large patient database make it an attractive target for threat actors. The attack on Policlínica Dona Anita underscores the critical need for robust cybersecurity measures to protect sensitive patient information.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.