The MS13-089 ransomware group claims to have breached multiple organizations, listing them on their dark web leak site. The latest list of alleged victims posted by the group includes:
-
Virginia Urology (🇺🇸): A medical practice based in the Greater Richmond metro area, comprised of over 60 providers including urologists, urogynecologists, and radiation oncologists.
-
DGP Commercialisti (🇮🇹): An Italian accounting and consulting firm specializing in financial statements, tax planning, corporate restructuring, and statutory auditing.
According to the group, the compromised data spans sensitive medical and financial records. The file lists displayed on the leak site suggest the following information has been exfiltrated:
-
Patient full names
-
Patient dates of birth
-
Employee 401k and ID documents
-
Internal mailing lists
-
Corporate tax declarations (IVA forms)
-
Financial holding documents
-
Client quotes and estimates
