Ransomware victim disclosure
← All victimsLaboratório Santa Maria
listed as SANTA MARIA LABORATORIO · Claimed by Spacebears · listed 1 year ago
Status timeline
- ListedJan 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Spacebears
- Status
- Data leaked
- Country
- Brazil
- Sector
- Healthcare
- Listed on leak site
- Jan 22, 2025
About the victim
AI dossier — public-source company profileLaboratório Santa Maria is a clinical analysis laboratory based in Santa Maria, Brazil, offering blood tests, diagnostic panels, and online result access. The facility emphasizes rapid turnaround, precise results, and specialized staff across standard health screening packages (checkups for women, men, children, athletes, and vitamin panels).
- Industry
- Clinical Laboratory & Medical Diagnostics
- Address
- Santa Maria, Rio Grande do Sul, Brazil
Attack summary
Severity: high — Healthcare provider with access to patient medical data and PII (names, test results, contact details). Even without explicit proof artifacts listed, compromise of a clinical laboratory's systems represents confirmed exfiltration risk of regulated health information at scale.Spacebears claims to have compromised Laboratório Santa Maria. The leak post provides minimal detail; the group has published the victim's name and website URL but the specific nature of the attack (encryption, exfiltration, or both) and scope of compromised data are not articulated in the provided excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Patient personal information
- Medical examination records
- Test results
- Contact information
What the group claims
CLINICAL ANALYSIS LABORATORY https://www.laboratoriosm.com.br/
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

