Ransomware victim disclosure
← All victimsAllure Clinics
Claimed by Killsecurity · listed 10 months ago
Status timeline
- ListedSep 16, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsecurity
- Status
- Data leaked
- Country
- Australia
- Sector
- Healthcare
- Listed on leak site
- Sep 16, 2025
About the victim
AI dossier — public-source company profileAllure Clinics is an Australian healthcare provider operating in the cosmetic and aesthetic medicine space, operating under the domain allureclinics.com. The clinic likely offers elective cosmetic procedures and related medical services to patients across Australia. No further verifiable details about scale or locations are available from the provided sources.
- Industry
- Cosmetic & Aesthetic Medicine Clinics
Attack summary
Severity: high — The disclosure status is data_published, meaning data has been released. As a healthcare/medical clinic, any published data almost certainly includes sensitive patient PII and medical information, which is regulated under Australian Privacy Act and healthcare data laws, warranting a high severity rating. Insufficient detail to confirm critical-scale regulated data exfiltration.KillSecurity has listed Allure Clinics as a victim with a disclosed status of data_published, indicating data has been released or made available. No specific claims about encryption, exfiltration volume, or data categories were provided in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records (likely)
- Personal identifiable information (likely)
- Medical/treatment history (likely)
What the group claims
N/A
Sources
- Victim siteallureclinics.com
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

