Ransomware Group: INCRANSOM

VICTIM NAME: The Saint James Hospital Group

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware group has announced that Saint James Hospital Group, a healthcare provider in Malta, has been compromised. The attack was discovered on May 1, 2025, and involved the theft of approximately 250 gigabytes of sensitive medical and personal data. This data breach affects the hospital, which is renowned for its advanced medical technology and highly qualified staff, and raises significant concerns about patient privacy and data security. The breach’s timeline indicates that the attack occurred on April 30, 2025. The leak includes confidential medical records, administrative information, and potentially identifiable personal data, which the perpetrators plan to publish publicly in the coming days. The incident highlights the ongoing risks faced by healthcare institutions worldwide from cybercriminal activities. Public officials and cybersecurity experts are closely monitoring the situation to mitigate further damage and assess the scope of the compromised information.

The ransomware group has shared a screenshot associated with the victim, revealing the presence of internal documents and data leaks. The compromised data appears to include medical records, administrative details, and possibly other confidential information stored within the hospital’s systems. There is no evidence of any threat to human safety or additional harm beyond data exposure at this stage. The attack underscores the importance of robust cybersecurity measures in healthcare environments, particularly those handling highly sensitive patient information. Victims of such breaches can face significant reputational damage and legal repercussions if the data leak occurs or persists. The organization’s response and remediation efforts are currently ongoing.