Ransomcortex Ransomware Hits Policlínica Dona Anita: 30GB Data Compromised
Incident Date:
July 12, 2024
Overview
Title
Ransomcortex Ransomware Hits Policlínica Dona Anita: 30GB Data Compromised
Victim
Policlinica Dona Anita
Attacker
Ransomcortex
Location
First Reported
July 12, 2024
Ransomcortex Ransomware Attack on Policlínica Dona Anita
Overview of Policlínica Dona Anita
Policlínica Dona Anita, located in Araucária, Paraná, Brazil, is a comprehensive healthcare facility that has been serving the community since 2010. The clinic offers a wide range of medical services across various specialties, including cardiology, gynecology, orthopedics, and more. The clinic operates with a team of specialized professionals committed to providing personalized treatment options. It is open seven days a week and accepts both insurance and private payments, making it accessible to a broad range of patients.
Details of the Ransomware Attack
On July 11, 2024, Policlínica Dona Anita fell victim to a ransomware attack executed by the threat actor known as Ransomcortex. During the incident, approximately 30GB of sensitive data, including medical guides and patient information in PDF format, was compromised. The specifics of the leaked data and the extent of the disruption to the clinic's operations remain unclear. The clinic's website was mentioned in the attack details, suggesting it might have been a point of compromise.
About Ransomcortex
Ransomcortex is a ransomware group that exclusively targets healthcare facilities, recognizing the high value of healthcare data. The group exploits stolen data for financial fraud, extortion, and selling personal medical information on online black markets. They actively recruit individuals for various roles, including making ransom payments and gathering intelligence. Ransomcortex operates purely for financial gain and does not offer Ransomware as a Service (RaaS), instead using third-party encryption software.
Potential Vulnerabilities
Healthcare facilities like Policlínica Dona Anita are particularly vulnerable to ransomware attacks due to the sensitive nature of the data they handle. The clinic's extensive range of services and large patient database make it an attractive target for threat actors. The attack on Policlínica Dona Anita underscores the critical need for robust cybersecurity measures to protect sensitive patient information.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.