Ransomware Group: GLOBAL

VICTIM NAME: Medical Village LIV

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the GLOBAL Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to a healthcare facility engaged in aesthetic and wellness treatments, including facial procedures, microneedling, platelet-rich plasma therapy, laser treatments, and injectables. The breach was discovered on July 26, 2025, and the attack is believed to have occurred on the same date. The facility specializes in enhancing skin health and beauty through various medical spa services. Currently, specific details about the compromised data have not been disclosed publicly, but the presence of a leak suggests potential exposure of patient information or internal documents. The webpage includes screenshots that hint at internal data, although exact content details are not provided.

There is an indication that download links or leaked data files might be available on the site; however, no direct URLs are listed here. The ransomware group behind the attack may have targeted the organization to extract sensitive health-related information, which could include patient records, treatment plans, or internal communications. Given the sector involved, the breach emphasizes the importance of cybersecurity measures within medical and wellness services to prevent unauthorized access to confidential data. The incident underscores the ongoing risks faced by healthcare providers amid increasing cyber threats targeting sensitive personal health data.