Ransomware Group: GLOBAL

VICTIM NAME: Epworth-Hospital

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the GLOBAL Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Epworth HealthCare, a prominent not-for-profit private hospital group located in Victoria, Australia. The breach is reported to have occurred with the attack date recorded as June 2, 2025, indicating a recent security incident. Epworth HealthCare is recognized for delivering high-quality medical, surgical, and rehabilitative services across several major hospitals in Melbourne and Geelong. The leak’s discovery date is noted as June 4, 2025, approximately two days after the reported attack. The page includes screenshots of internal documents and data leaks, suggesting a compromise of sensitive patient and operational information. Download links or evidence of data exfiltration are indicated, but specific details or access URLs are not provided in the available information. The attack impacts the healthcare sector within Australia, emphasizing the ongoing cybersecurity risks faced by medical institutions.

The leak page features an overview of the compromised information, including administrative and possibly patient records, with visual evidence like screenshots of internal documentation. As a healthcare provider, Epworth HealthCare’s systems are potentially vulnerable, highlighting the importance of robust cybersecurity measures in the medical industry. The attacker’s motives and further technical details are not specified, but the leak signals significant data exposure that could affect operational integrity and patient confidentiality. The presence of download links suggests that the data may be accessible to threat actors or the public. This incident underscores the increasing threat landscape faced by healthcare organizations worldwide and the critical need for proactive cybersecurity strategies to prevent and mitigate such breaches.