Ransomware victim disclosure
← All victimsPusat Rehabilitasi PERKESO Tun Abdul Razak
listed as rehabmalaysia.com · Claimed by Krybit · listed 3 hours ago
Status timeline
- ListedJul 17, 2026
- Data leakeddate unknown
At a glance
- Group
- Krybit
- Status
- Data leaked
- Country
- Malaysia
- Sector
- Healthcare
- Listed on leak site
- Jul 17, 2026
About the victim
AI dossier — public-source company profilePusat Rehabilitasi PERKESO (PERKESO Rehabilitation Centre) is a Malaysian government-linked rehabilitation facility providing comprehensive medical and vocational rehabilitation services. The centre integrates physical rehabilitation, vocational training, and disability management for injured workers and PERKESO-insured individuals, with accommodation for approximately 300 patients and satellite locations across Malaysia.
- Industry
- Healthcare & Medical Rehabilitation
Attack summary
Severity: high — Healthcare institution with confirmed data exfiltration (disclosed status: data_published). Likely access to sensitive patient medical records, PII, and disability data affecting a vulnerable population (injured workers, disabled patients). Government-linked entity adds institutional sensitivity.The krybit group claims to have attacked the PERKESO Rehabilitation Centre's web infrastructure. The leaked post indicates data exfiltration but provides limited detail on the scope or nature of compromised data.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Personal identifiable information
- Disability management data
- Vocational training records
What the group claims
Pusat Rehabilitasi PERKESO Tun Abdul Razak (PERKESO Rehabilitation Centre Malaysia) is a Malaysian government-linked reh...
Sources
Source
Indexed 3 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

