Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

St. Joseph's Healthcare Hamilton

stjoes.ca

Group Rhysida
Discovered 2025-11-22 15:14 UTC
Est. attack date 2025-11-22
Country CA

Description:

St. Joseph's Healthcare Hamilton

Infostealer activity detected by HudsonRock

Compromised Employees: 6

Compromised Users: 12

Third Party Employee Credentials: 4


External Attack Surface: 9


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusegodaddy.com
  • sfletcherstjosham.on.ca
MX Records
  • mxb-0090cf01.gslb.pphosted.com. Proofpoint
  • mxa-0090cf01.gslb.pphosted.com. Proofpoint
TXT Records
  • MS=4FECAF8C9BB35B49B16AE3B4084DE363606F206E
  • bb2MV2OfsSkNy5WxWiReVnBuwPYX7b8vYGg2XRd1LyJoXlXHGq620Lop6tLqG8F4dY/eUwV312rVmexjcMP2DA==
  • 1q0hgq3ijgnlnohrv0h2pjk6s1
  • TWVQ3ENhHjVl/2YZsW7kKH+lo3I+1SCZNqcOSEE1slSrdN+K8EouDq0vA0vnzMUhUhhSioPw9GqWjekYVbfRRA==
  • f4j3m62cj5v8jvbk53d356j0hp
  • citrix.mobile.ads.otp=dzyo6dfol2vtxs5f4qe5c
  • facebook-domain-verification=icjp94cf1j9k2qlf2uusvy51v5t9qp
  • undhacdatm50fsnjomrgercnko
  • 87Se017ZdB7CAU0OQKU+6WhInlmYhEOcWhb59VUO278AYzCFUK3QRH9fqpdP4u2IxQxAO42ygBw/Oe1Z0+F4rQ==
  • apple-domain-verification=4cmf5fPtimpBdGUU
  • ri69g1ofdc3404g5r64lidd9u
  • _u45j33kvpya2uvvmkaj5dxbzrcxvb3f
  • 4ab7c43b-6338-4ab3-ab92-b9831e8abd00
  • jrrBnbdkn/29dBpaDuHQUwcxrG0JBAbVfCqDMWLR+LaqgsXvA009yPI6sDXx0rY/i6f5J1pafNP+afI45jmbWQ==
  • 8e4b4940-9aed-4f4d-9dca-b74a07e47aeb
  • f64fij6pmf04g64ngi1kkifj74
  • v=spf1 include:spf-0090cf01.pphosted.com include:spf-0090cf02.pphosted.com include:spf.protection.outlook.com include:spf.constantcontact.com include:spf_4.taleo.net ip4:15.222.123.146 ~all
  • brevo-code:c5ab361329b10c96780a9a18543f474d
  • docusign=64d5e802-2f24-4b3d-a56d-fe2f8e8acc5f
Cloud / SaaS Services Detected
Apple DocuSign Proofpoint