Petaluma Health Center
Petaluma Health Center
Group: Karakurt
Discovered by ransomware.live: 2023-04-12
Estimated attack date: 2023-04-12
Description:
The Petaluma Health Center is a Federally Qualified Health Center that strives to care for the "whole" individual by providing excellent care for all patients, regardless of one's ability to pay for services. We do not know whether their patients personal and medical information was stored unsafely because of their disability to pay but we have almost 490GB of this Health Center on our servers. Along with that we've obtained a good amount of financial information (numerous declarations, payment docs, tax forms ...) and personal employees information (SSNs, passports, phone numbers, addresses etc).That is going to be interesting.
DNS Records:
The following DNS records were found for the victim's domain.
- domain.operations@web.com
- phealthcenter-org.mail.protection.outlook.com.
- v=spf1 ip4:34.209.43.71 ip4:198.27.213.224/28 ip4:199.30.234.0/24 ip4:207.195.160.0/19 include:spf.zixsmbhosted.com include:phealthcenter-org.spf.smtp25.com include:spf.protection.outlook.com include:_spf.intacct.com include:spf.happyfox.com -all" "intacct-esk=D60C5768FAC5BCEAE0539A220D0A8A75 include:_spf.intacct.com" "duo_sso_verification=XZOMU3BirhPEiroPAkuixlk75fIx98Er9C4qSDKzblgEHqrDEHrmmzGPEZHdEhWW
Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.