Ransomware Group: SARCOMA

VICTIM NAME: Sanderling Healthcare

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SARCOMA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to Sanderling Healthcare, a U.S.-based organization specializing in the design and construction of dialysis clinics. The leak, discovered on July 23, 2025, involves a substantial data archive of approximately 587 gigabytes, containing various files, exchange documents, and databases. The breach appears to be linked to an attack targeting the healthcare sector, specifically impacting a company with a longstanding history since 2009. The leaked data may include sensitive operational information, project details, and internal communications. Although the leak details are not fully disclosed, the volume and nature of the files suggest significant exposure of proprietary and potentially patient-related information.

The leak size indicates extensive data compromised, with possible implications for organizational operations. Screenshots or visual documentation related to the attack are not provided, but the archive contents hint at confidential project files. Despite the absence of explicit PII in the available report, such breaches typically raise concerns about data security and regulatory compliance within healthcare. The attack represents a serious incident affecting the organization’s activities in the United States. No specific information about the attack method or the ransomware group involved is detailed, but the substantial size of the leak underscores a significant cybersecurity incident impacting healthcare infrastructure and internal records.