Ransomware Group: EVEREST

VICTIM NAME: Arlington Occupational Health and Wellness – Full leak published

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Arlington Occupational Health and Wellness, a healthcare provider based in the United States. The attack was discovered on July 3, 2025, indicating that the organization was compromised on or prior to this date. The leak includes a publicly accessible claim URL on a dark web onion site, where sensitive data related to the victim may have been exposed. The page features a screenshot of internal documents or data, illustrating potential data leaks, which could include confidential health-related information. The leak emphasizes the seriousness of the breach and underscores the importance of cybersecurity measures within healthcare organizations.

The disclosed content suggests that unauthorized actors gained access to the organization’s systems, possibly exfiltrating sensitive information. Details about the specific nature of the compromised data are not provided in the summary, but the presence of downloadable data or leak indicators is implied. The attack appears to fall under a targeted ransomware campaign by the group named Everest, known for exploiting healthcare sector victims. The incident raises concerns regarding patient confidentiality and data integrity. The leak page also includes a URL for further investigation, though no specific PII or sensitive health data is directly exposed in this publicly shared summary. Visual evidence in the form of a screenshot reinforces the occurrence of a data breach.