[NIGHTSPIRE] – Ransomware Victim: Instituto Nacional de Oftalmologia, Peru

AI Generated Summary of the Ransomware Leak Page

On November 9, 2025, a leak post attributed to the Nightspire ransomware group identifies Instituto Nacional de Oftalmologia, Peru as the victim. The organization operates within Peru’s healthcare sector. The post date is 2025-11-09 19:46:45.179243, and there is no explicit compromise date provided; thus, this timestamp is treated as the post date. The post does not clearly classify the incident as an encryption event or a data leak, and there is no ransom demand or specific exfiltrated data volume mentioned in the available fields. The page itself appears minimal, naming the victim and the attacker group and offering no accompanying documents, screenshots, or downloadable content. Overall, the entry reads like an initial disclosure rather than a detailed dossier on the attack.

Regarding evidence, the page shows zero images or screenshots and contains no links, files, or photos. The minimal artifacts mean the page provides limited visibility into the impact or scope; without a stated compromise date, encryption status, exfiltrated data, or ransom figure, the incident cannot be conclusively classified from this single entry. The victim name remains Instituto Nacional de Oftalmologia, Peru, a Peruvian healthcare institution, which signals potential risk to healthcare providers in the region. The Nightspire group’s appearance on the page suggests a ransomware-related operation, but readers should monitor for future updates or corroborating sources to confirm whether data was exfiltrated or systems were encrypted and to evaluate any potential implications for privacy and regulatory compliance.