Ransomware victim disclosure
← All victimsMedlink Georgia
Claimed by Cmdorganization · listed 4 days ago
Status timeline
- ListedJun 30, 2026
- Data leakeddate unknown
At a glance
- Group
- Cmdorganization
- Status
- Data leaked
- Country
- Georgia
- Sector
- Healthcare
- Listed on leak site
- Jun 30, 2026
About the victim
AI dossier — public-source company profileMedLink Georgia is a federally qualified health center operating in northeast Georgia since 1976. They provide comprehensive primary and preventive care services to patients of all ages, with a sliding fee scale for uninsured and underinsured patients.
- Industry
- Healthcare - Federally Qualified Health Center (FQHC)
- Founded
- 1976
Attack summary
Severity: medium — Healthcare organization with confirmed data_published status and regulated patient data at potential risk; however, no proof files, screenshots, or exfiltration details are evident in the truncated post provided. The group appears to have accessed the organization but concrete evidence of data compromise or encryption is not demonstrated.The ransomware group claims to have compromised MedLink Georgia's systems. The group's post contains excerpts from the organization's public website, but no specific details are provided regarding encryption, exfiltration, or what data may be at risk.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records
- Health information
- Insurance details
What the group claims
We have proudly been serving northeast Georgia since 1976. As a federally qualified health center, we are able to offer uninsured and underinsured patients a sliding fee scale. No one is denied services due to lack of income or insurance status.At MedLink Georgia, we strive to provide comprehensive, coordinated, and continuous care to all our patients. We offer a broad array of primary and preventive care services for patients of all ages, including screening, diagnosis, and management of chronic illnesses.
Sources
- Victim sitewww.medlinkga.org
Source
Indexed 4 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

