TuftsMedicine
TuftsMedicine
Group: Cloak
Discovered by ransomware.live: 2025-09-07
Estimated attack date: 2025-09-07
Country:
Description:
[AI generated] N/A
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 7
Third Party Employee Credentials: 0
External Attack Surface: 2
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mxb-0074a301.gslb.pphosted.com.
- mxa-0074a301.gslb.pphosted.com.
TXT Records
- atlassian-domain-verification=DbKS3rNdIdaeTWNZmKlED3bDnELA0NGRAEhkYIkaszF01s8jV66SFrcEwVwRF2Qa
- v=DKIM1; k=rsa; p= MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClH9QW3MqwGvhvQc4qg04p6MZto0Kp5iAqXjSGhnSxkedDyAl8SeeZUI4rdBPr+G3d/SUcnBztkCt4rTSVf1SH8U3p3p5TY+9cVU+w6r0xYjw1jd5pt6Yy4INFKNlzyvYowAtwF0Uxk2Du6qlR1jVry7AtGeFyIl35SVrznjTYPQIDAQAB
- cisco-ci-domain-verification=2b648bf6c93d5e02653038ca3a08e098b113d2f4a57f7f583934a3c5042960ed
- bw=MbPzyMhObvT55+SB6deJ6sDLYunz+Xk95vBrD1uEqMn2
- atlassian-sending-domain-verification=4302bd0f-e3dd-4da1-92a0-095383d5928e
- 941D24A0340D611E293522148EAC3798CFCFC906C69F45500F4810DE398CFDC4
- e936cf0f-f029-40e5-9216-7d9b1ee46a5c
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:_spf.salesforce.com include:outboundmail.convio.net include:_spf.paubox.com ~all
- google-gws-recovery-domain-verification=56370274
- google-site-verification=FzNaPc4WbtgsdjfGHDucm7sbeSM8wNfG2ljmhy0tBsI
- MS=ms55084479
- ZA=3ysqyCX1hjhNn86PjX/ZVA+tT0Gp5LjdtINeZfIuPIY= (
- google-site-verification=-6FQboysw0YkrqJgclF-aHFqUqfhh423NT3F1_AN2wQ
- mongodb-site-verification=dlUAGO1UM7JbvTAAgV8PL4ebbLANubdS
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Salesforce
Cisco
Proofpoint