Ransomware Group: EVEREST

VICTIM NAME: Arlington Occupational Health and Wellness

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Arlington Occupational Health and Wellness, a healthcare provider based in the United States. The site provides a detailed description of the services offered, including health evaluations, immunizations, and workplace health exams aimed at enhancing employee safety. The attack was publicly disclosed on June 17, 2025, and the breach was discovered several days later on June 24, 2025. The page includes a screenshot depicting some internal content, which appears to showcase protected documents or system interfaces. No sensitive personally identifiable or proprietary information is directly revealed in the leak, but it evidences a compromise of a healthcare organization involved in employee health management, with data potentially exposed or at risk.

Download links or data leaks are mentioned, indicating the possibility of confidential health information or operational data being accessible to malicious actors. The victim operates in the healthcare sector, specifically focusing on occupational health services for businesses, and is located in Virginia. The compromised system was linked to the group ‘Everest,’ which is known for targeting organizations in various sectors. The website’s screenshot suggests that internal operational or client information may have been accessed, though explicit details are not disclosed. The breach underscores the increasing threats faced by healthcare providers, emphasizing the need for robust cybersecurity measures to protect sensitive health data.