Ransomware Group: EVEREST

VICTIM NAME: Avantic Medical Lab – Full leak published

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Avantic Medical Lab, a healthcare provider that has experienced a cybersecurity incident. The attack was discovered on July 3, 2025, with the breach date also recorded as July 3, 2025. The leaked data includes sensitive information related to the medical facility, although specific details are not publicly disclosed in the available summary. The page features a screenshot illustrating the leak, which appears to contain internal documents or data relevant to the healthcare organization. Additionally, the leak is associated with a threat group named Everest, indicating a targeted cyberattack aimed at the healthcare sector. No personal or PII information is included in the publicly available summary.

Information about the leak suggests that data may be accessible via a hidden Tor link, with potential for data disclosure or exfiltration involving medical records or operational details. The attack underscores the ongoing cybersecurity risks faced by healthcare organizations, which are frequent targets due to the sensitive nature of their data. Fortunately, no explicit PII or identifiable patient information is detailed in the leak summary. The incident emphasizes the importance of robust security measures in protecting healthcare infrastructure from ransomware threats, especially given the potential consequences on patient safety and confidentiality. The leak page includes a visual by way of screenshot, but the exact content remains unspecified beyond indicating a full data release was published.