Ransomware victim disclosure
← All victimsFarmacia Cofar
Claimed by Killsecurity · listed 1 year ago
Status timeline
- ListedJan 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsecurity
- Status
- Data leaked
- Country
- Chile
- Sector
- Healthcare
- Listed on leak site
- Jan 16, 2025
About the victim
AI dossier — public-source company profileFarmacia Cofar is a Chilean pharmaceutical retailer offering medications, dermocosmetics, vitamins, and health services. The company operates 24-hour delivery in the Santiago Metropolitan Region (RM) and provides telemedicine, home nursing, and specialized health programs through its online platform cofar.cl.
- Industry
- Pharmacy & Healthcare Retail
- Address
- Av. Apoquindo 5016, Las Condes, Santiago, Chile
Attack summary
Severity: high — Healthcare sector victim with confirmed data publication by ransomware group. Likely exposure of patient PII and medical treatment history at scale given the nature of an online pharmacy platform with telemedicine services. No ransom demand stated suggests data may already be widely circulated.Killsecurity claims to have attacked Farmacia Cofar and published data. The group's leak post content was not provided, so specific claims about encryption, exfiltration, or data types cannot be verified from the post itself.
Data the group says was taken
AI dossier — extracted from the leak post- Customer personal identifiable information (RUT, email, password hashes)
- Medical/health records (telemedicine consultations, treatment history)
- Transaction/purchase history
- Payment information
What the group claims
N/A
Sources
- Victim sitecofar.cl
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

