
www.indigoent.ca

Group: qiulong

Discovered by ransomware.live: 2024-05-30

Estimated attack date: 2024-05-30

Country: CA

Description:

Indigo ENT Group is a company that operates in the Hospital & Health Care industry. The company is headquartered in Coquitlam, British Columbia, Canada.

Zoominfo: https://www.zoominfo.com/c/indigo-ent-group/448092524

Office Main Phone: 604-941-8474

Email: coquitlam@indigoent.ca

Doctors: Dr. Dewji, Dr. Gooi, Dr. Mah

In the past few weeks, our group has been operating within the network of Indigo EST, stealing thousands of personal, confidential, and PHI, & PII data of patients. This is the first warning.

Samples:



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
  • Please ask the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Other contacts of the queried domain name
MX Records
  • aspmx2.googlemail.com.
  • aspmx3.googlemail.com.
  • aspmx.l.google.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
TXT Records
  • v=spf1 include:_spf.google.com ~all
  • MS=ms48143492
  • google-site-verification=BI0NPh9NYYLmNpddvTmmsM5FCVzlq9Zx2Hrfzg_CzkY
Cloud / SaaS Services Detected
  • Microsoft 365
