Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo rhp.com.br

Group: lockbit3

Discovered by ransomware.live: 2024-09-05

Estimated attack date: 2024-08-28

Country: BR

Description:

We've got information about more than 70000 patients staff contractors investors internal information

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 458

Third Party Employee Credentials: 8

External Attack Surface: 42


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mxb-0093bd01.gslb.pphosted.com.
  • mxa-0093bd01.gslb.pphosted.com.
TXT Records
  • 9c9pfc9bj9036dks2mkpjbttqb.
  • _globalsign-domain-verification=ApVKaJ-QesVRU5fWOI7OQPuRqb_ox122yuz334HTDi
  • asv=a802c81e2c0d457bfc31aeb746190697
  • duo_sso_verification=hhFbiuv2FYLRVoCO9Ay6Q5LpvH8ECFGrf93RC1oj8bABRwUnsOxX2rPuzdJYUCJk
  • suovigb4sa1hgvmb81ts5076lj
  • v=spf1 include:spf.protection.outlook.com include:spf-0093bd01.pphosted.com include:_spf.rdstation.com.br include:sendgrid.net -all
Cloud / SaaS Services Detected
SendGrid Cisco Duo Proofpoint

Leak Screenshot:

Leak Screenshot