Daily Dark Web
  • Home
  • Data Breaches
  • Inside the Adversary
    • Dark Web Informants
  • DDW Top Lists
  • Ransomware News
  • DarkWeb News
    • Vulnerability
    • Cyber Attacks
  • Unauthorized Accesses
  • About Us
No Result
View All Result
  • Home
  • Data Breaches
  • Inside the Adversary
    • Dark Web Informants
  • DDW Top Lists
  • Ransomware News
  • DarkWeb News
    • Vulnerability
    • Cyber Attacks
  • Unauthorized Accesses
  • About Us
No Result
View All Result
Daily Dark Web
No Result
View All Result
Home Ransomware News

Everest Group Claims Breach on KorPath, Vikor Scientific, and Korgene

November 13, 2025
Reading Time: 1 min read
Everest Group Claims Breach on KorPath, Vikor Scientific, and Korgene

The Everest Group extortion group has claimed responsibility for a significant data breach affecting three US-based healthcare organizations. The group, known for data exfiltration and extortion, has published large databases allegedly stolen from the victims.

The Everest Group listed Vikor Scientific and Korgene together, treating them as a single breach, though they are separate (but related) entities.

The latest list of alleged victims posted by the group includes:

  • KorPath (🇺🇸): Operating as Independent Clinical Laboratories Inc., KorPath is a clinical testing laboratory based in Tampa, Florida.
  • Vikor Scientific, LLC (🇺🇸): A CLIA-certified and CAP-accredited clinical diagnostics laboratory based in Charleston, South Carolina.
  • Korgene (🇺🇸): A related clinical diagnostics laboratory based in Pennsylvania.

According to the actor, the compromised data is extensive and includes internal documents, Electronic Medical Records (EMRs), and sensitive patient billing information. The group posted separate databases, one for KorPath and a combined one for Vikor/Korgene, totaling over 11 GB of data across the three companies.

  • KorPath DataBase: 7,491 PDF files (1.23 GB) and 7,565 text/EDI files (390 MB).
  • Vikor Scientific / Korgene DataBase: 25,303 PDF files (9.39 GB), 1,344 additional PDF files (505 MB), and 296 text/EDI files.

Based on the provided samples, which include Explanation of Benefits (EOB) forms, insurance claims, and payment transmittals, the allegedly compromised data includes:

  • Electronic Medical Records (EMRs)
  • Patient private information (full names, dates of birth, addresses)
  • Patient billing and insurance information (claim forms, member IDs)
  • Partial Social Security Numbers (SSNs)
  • Credit card payment information
  • Internal company financial documents
Tags: data-breachEMREverest GroupextortionHealthcareKorgeneKorPathpatient dataUSAVikor Scientific
ShareTweet

Related Posts

Qilin Ransomware: Inspira, Muller, A&A, Longwood, Exclusive, Istarpal
Ransomware News

Qilin Ransomware: Inspira, Muller, A&A, Longwood, Exclusive, Istarpal

April 27, 2026
Narteks Tekstil A.S. Suffers Krybit Ransomware Attack
Ransomware News

Narteks Tekstil A.S. Suffers Krybit Ransomware Attack

April 27, 2026
Synmosa Biopharma Hit by Dragonforce Ransomware Attack
Ransomware News

Synmosa Biopharma Hit by Dragonforce Ransomware Attack

April 27, 2026
K2 Electric Inc Targeted in Genesis Ransomware Attack
Ransomware News

K2 Electric Inc Targeted in Genesis Ransomware Attack

April 22, 2026
Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup
Ransomware News

Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup

April 22, 2026
Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk
Ransomware News

Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk

April 22, 2026
Next Post
POINT Construction Advisory Group Hit by Kraken Ransomware

POINT Construction Advisory Group Hit by Kraken Ransomware

Operation Endgame Takedown Hits Rhadamanthys and VenomRAT

Operation Endgame Takedown Hits Rhadamanthys and VenomRAT

Recommended Stories

CyberVolk Group Unveils New Ransomware “CyberVolk Ransomware” with Unique Encryption Algorithm

CyberVolk Group Unveils New Ransomware “CyberVolk Ransomware” with Unique Encryption Algorithm

July 1, 2024
Alleged Dark Engine Leak Exposes Sensitive Phone Data in the U.S.

Alleged Dark Engine Leak Exposes Sensitive Phone Data in the U.S.

December 20, 2024
Armenia Government Mailings Database Allegedly Breached and Up for Sale

Armenia Government Mailings Database Allegedly Breached and Up for Sale

January 9, 2026

Popular Stories

  • SudamericaData Breach Exposes Over 1TB of Argentine Records

    SudamericaData Breach Exposes Over 1TB of Argentine Records

    0 shares
    Share 0 Tweet 0
  • Threat Actor Claims Sale of Dell Database Containing 49 Million Customer Records

    0 shares
    Share 0 Tweet 0
  • SUUMO, CHINTAI, At Home, HOME’S Suffer Data Breach

    0 shares
    Share 0 Tweet 0
  • Financial Tech Giant SilverLake Axis Allegedly Breached – 423GB of Data for Sale

    0 shares
    Share 0 Tweet 0
  • Telekom Serbia Investigates Leak of 160,000 Customer Records

    0 shares
    Share 0 Tweet 0
Daily Dark Web

Disclaimer: Daily Dark Web (DDW) is an independent media platform providing information, analysis, and reporting on cybersecurity, cyber incidents, and related digital developments. All content published on this website is for informational and journalistic purposes only. DDW does not support, endorse, or promote any illegal activities, threat actors, or organizations referenced in its content. Any statements, claims, or opinions expressed by third parties, including interview subjects, are their own and do not reflect the views of DDW. Such content may include unverified information and should be interpreted critically. DDW does not participate in, facilitate, or coordinate any activities discussed or referenced on this platform. Under no circumstances should any content be interpreted as encouragement, instruction, or endorsement of unlawful actions. All interactions and publications are conducted in the public interest to enhance awareness and understanding of the evolving cyber landscape.

No Result
View All Result
  • About Us
  • Home
  • Newsletter
  • Privacy Policy

Disclaimer: Daily Dark Web (DDW) is an independent media platform providing information, analysis, and reporting on cybersecurity, cyber incidents, and related digital developments. All content published on this website is for informational and journalistic purposes only. DDW does not support, endorse, or promote any illegal activities, threat actors, or organizations referenced in its content. Any statements, claims, or opinions expressed by third parties, including interview subjects, are their own and do not reflect the views of DDW. Such content may include unverified information and should be interpreted critically. DDW does not participate in, facilitate, or coordinate any activities discussed or referenced on this platform. Under no circumstances should any content be interpreted as encouragement, instruction, or endorsement of unlawful actions. All interactions and publications are conducted in the public interest to enhance awareness and understanding of the evolving cyber landscape.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?