Ransomware victim disclosure
← All victimsSt. Luke Lutheran Community
listed as stllc.org · Claimed by Lockbit5 · listed 3 months ago
Status timeline
- ListedApr 29, 2026
- Data leakeddate unknown
At a glance
- Group
- Lockbit5
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Apr 29, 2026
About the victim
AI dossier — public-source company profileSt. Luke Lutheran Community is a not-for-profit, faith-based continuing care senior community headquartered in North Canton, Ohio. It operates four campuses across northeastern Ohio offering independent living, assisted living, short-term rehabilitation, memory care, nursing care, and therapy services. The organization serves older adults 24 hours a day, 365 days a year.
- Industry
- Senior Care & Assisted Living (Non-Profit Continuing Care)
- Address
- 220 Applegrove St. NE, North Canton, OH (primary campus); also 615 Latham Lane, Akron, OH; 4301 Woodale Ave. SE, Minerva, OH; 201 Holl Rd. NE, North Canton, OH
Attack summary
Severity: critical — The victim is a multi-site senior care and nursing facility handling highly sensitive regulated data including medical records, personally identifiable information, and health information for vulnerable elderly residents — falling squarely under HIPAA-regulated PHI. Data has been published, confirming exfiltration at a healthcare/social care organization.LockBit 5 claims to have attacked St. Luke Lutheran Community and has published data (disclosed status: data_published), indicating exfiltration of organizational data from a non-profit senior care provider handling sensitive resident and patient information.
Data the group says was taken
AI dossier — extracted from the leak post- Resident personal information
- Patient medical/care records
- Employee records
- Financial records
- Contact and correspondence data
What the group claims
Welcome to St. Luke Lutheran Community St. Luke Lutheran Community is a not-for-profit, continuing...
Sources
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

