[RHYSIDA] – Ransomware Victim: Hematology Oncology Consultants
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the RHYSIDA Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
On 17 October 2025, Hematology Oncology Consultants, a United States–based private practice in Michigan that specializes in hematology and oncology, is listed on a ransomware leak site as a victim of a Rhysida operation. The page’s metadata identifies the sector as Healthcare and the country as the United States, aligning with the described medical practice focused on cancer and blood disorders. The leak entry does not specify whether the attack involved encryption or data exfiltration, as the impact field is empty in the provided data. There is no ransom amount or demand listed, and there is no evidence of downloadable data or exposed files within the supplied fields. Visual content appears to be absent, with zero images or screenshots reported on the page. The post date associated with this leak entry is 2025-10-17 20:47:29.609664, and attribution to the Rhysida group is present in the data.
Because no compromise date is provided, the post date is treated as the publication date of the leak. The page does not include a concrete statement about encryption status, data leakage, or a ransom figure in the available fields. The victim name remains the primary identifier, while the page content itself consists mainly of the organization’s standard description rather than attack-specific details. The dataset shows no downloads, links, or attached files, and there are no URLs present to defang. No non-English content is present, and no personally identifiable information appears in the extracted data. As a result, the leak page offers limited public detail beyond identifying Hematology Oncology Consultants as a Rhysida victim and noting the published date.
Summary takeaway: the leak post appears to be a minimal listing rather than a richly documented breach, with no visible data samples, screenshots, or ransom information in the provided fields. Observers should monitor for future updates or additional posts from the leak page that might reveal data categories, volumes, or demands associated with Hematology Oncology Consultants.
Support Our Work
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.
