Ransomware victim disclosure
← All victimsAction Santé Travail
Claimed by NoEscape · listed 3 years ago
Status timeline
- ListedNov 9, 2023
- Data leakeddate unknown
At a glance
- Group
- NoEscape
- Status
- Data leaked
- Country
- France
- Sector
- Healthcare
- Listed on leak site
- Nov 9, 2023
About the victim
AI dossier — public-source company profileAction Santé Travail (AST) is a French occupational health service provider offering multidisciplinary preventive care coordinated by occupational physicians. The organisation focuses on reducing professional risks for employees and supporting workplace health compliance. It operates under the French occupational medicine framework, serving employers and workers across its coverage area.
- Industry
- Occupational Health Services
Attack summary
Severity: critical — The victim is a healthcare organisation handling occupational health and medical data on workers; confirmed data publication by the threat actor implies exfiltration and public release of regulated personal and medical (health-related) data, meeting the critical threshold.NoEscape claims to have attacked Action Santé Travail and has published data ('data_published' status), indicating confirmed exfiltration of company data. The specific volume and nature of exfiltrated data are not detailed in the truncated post, but the healthcare sector context implies exposure of potentially sensitive occupational health records.
Data the group says was taken
AI dossier — extracted from the leak post- Employee health records
- Occupational physician records
- Patient/worker personal data
- Internal company documents
What the group claims
Action Santé Travail has a multidisciplinary team coordinated by your occupational physician to meet your needs. Their goals: to reduce the professional risks linked to yo...
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

