Ransomware victim disclosure
← All victimsATS Insubria – Agenzia di Tutela della Salute dell'Insubria
listed as ats-insubria.it · Claimed by Blackbyte · listed 4 years ago
Status timeline
- ListedMay 12, 2022
- Data leakeddate unknown
At a glance
- Group
- Blackbyte
- Status
- Data leaked
- Country
- Italy
- Sector
- Healthcare
- Listed on leak site
- May 12, 2022
About the victim
AI dossier — public-source company profileATS Insubria (Agenzia di Tutela della Salute dell'Insubria) is a public health protection agency operating in the Insubria area of Lombardy, Italy. It oversees primary care, public health, food safety, veterinary services, vaccinations, epidemiological surveillance, and a broad range of community health programmes. As a regional health authority it handles sensitive personal and medical data for a large population of residents.
- Industry
- Public Healthcare Authority
Attack summary
Severity: critical — ATS Insubria is a public healthcare authority handling large volumes of regulated medical and personal data (health records, patient information, pharmaceutical data) for an entire regional population. The disclosure status is 'data_published', confirming exfiltration and public release of likely highly sensitive, regulated health data at scale.Blackbyte claims to have attacked ATS Insubria and the disclosure status is marked as 'data_published', indicating that exfiltrated data has been released; no specific ransom amount or data volume was stated in the available post.
Data the group says was taken
AI dossier — extracted from the leak post- Personal health records
- Patient data
- Public health programme data
- Pharmaceutical and prosthetic records
- Epidemiological data
- Employee/HR records
- Administrative and transparency documents
Sources
- Victim siteats-insubria.it
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

