capitalhealth.org
capitalhealth.org
Group: lockbit3
Discovered by ransomware.live: 2024-01-07
Estimated attack date: 2024-01-07
Country:
Description:
We purposely didn't encrypt this hospital so as not to interfere with patient care. We just stole over 10 million files. Over 7 terabytes of medical confidentiality data valued at $250,000. That's all you need to know about this hospital.Capital...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 3
Compromised Users: 6
Third Party Employee Credentials: 5
External Attack Surface: 7
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mx0b-00326302.pphosted.com.
- mx0a-00326302.pphosted.com.
TXT Records
- duo_sso_verification=gG1jK85cgushER8gjuvLLyK0CHi85UmabniKXbCDqxtnAFPP4S1zsYDGDtfoNksy
- MS=8510ABF16B5EEF8CCDC3144153D81BACA7F8229E
- google-site-verification=7m1wsjftZxs0iEW0WiXghGrj_lvUhb45mthkqFjsmUo
- apple-domain-verification=qhy6ENpfbgIytVE04jBovCfTrBEfjM_9gK3etUhBmnI
- google-site-verification=uyo9urAa10I7SdDHBH6utyBlJBjzrMsLs12J3YLuOf4
- v=spf1 ip4:66.159.240.218 ip4:66.159.238.191 Include:spf-00326302.pphosted.com ~all
- smartsheet-site-validation=rQIhvZ6q4GQxoj8NUXaU99s3of0T71k5
- 12773687
- _ejrgeq6kofkt4z402e4y7crr5qoh1g8
- BA02452016
- ZOOM_verify_YKASDcrdnGCps4Gbvl7OGQ
- 44tgw6mz3q8lqmkdmzrtmkd1fvd19nwr
- Nx8e6GddyUohIGkwAhay6BLLFj+IQdlWK5Oc/iZ6cF7ffWX66mxuRTACStOTi7d1Kz+0A6R91qoEbABWbcTQKg==
- MS=ms81315300
- facebook-domain-verification=d5xwnatzu5hdzgqddh4qxos4xzoqpw
- zoho-verification=zb14951554.zmverify.zoho.com
Cloud / SaaS Services Detected
Apple
Microsoft 365
Zoho Campaigns
Cisco Duo
Proofpoint
Zoom
Leak Screenshot:
