Ransomware.live - Victim: Atenção Primária à Saúde Brazil

Sponsored by Hudson Rock – Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Atenção Primária à Saúde Brazil

saude.gov.br

Group Nova

Discovered 2025-12-04

Est. attack date 2025-12-04

Country

City Fortaleza

Description:

Atenção Primária à Saúde is system provided by Ministério da Saúde of brazil, we have exf all sql files (100GB of SQL files) from them systems and clouds, millions of patients records, 50M> records lines, samples will be provided to company when its contact, the goal system https://esusbelacruz.fixtecnologia.com.br/

Infostealer activity detected by HudsonRock

Compromised Employees: 279

Compromised Users: 22700

Third Party Employee Credentials: 228

External Attack Surface: 200

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails

No emails found.

MX Records

cluster1a.us.messagelabs.com.
cluster1.us.messagelabs.com.

TXT Records

globalsign-domain-verification=dPctt_25v8xGPa4sHRF5Q3XZRpPMnNw67LkpZB0sRh
v=spf1 ip4:189.28.129.7 ip4:189.28.130.8 ip4:189.28.129.17 ip4:189.28.129.18 ip4:189.28.129.19 ip4:189.28.129.25 ip4:189.9.35.150 include:spf.protection.outlook.com include:spf.messagelabs.com -all

Cloud / SaaS Services Detected

No well-known cloud or SaaS service detected.

Leak Screenshot:

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.