Ransomware victim disclosure
← All victimsIndian Council of Medical Research
listed as icmr.gov.in · Claimed by Babuk · listed 1 year ago
Status timeline
- ListedMar 17, 2025
- Data leakeddate unknown
At a glance
- Group
- Babuk
- Status
- Data leaked
- Country
- India
- Sector
- Public Sector
- Listed on leak site
- Mar 17, 2025
About the victim
AI dossier — public-source company profileThe Indian Council of Medical Research (ICMR) is a government agency under the Ministry of Health and Family Welfare that conducts and coordinates biomedical research in India. It operates multiple research institutes and is responsible for infectious disease surveillance, vaccine development, and epidemiological studies at the national level.
- Industry
- Medical Research & Public Health
- Address
- Ansari Nagar, New Delhi 110029, India
- Employees
- 500-1000
- Founded
- 1911
Attack summary
Severity: high — ICMR is a critical national health research institution; any confirmed exfiltration of research data, epidemiological records, or government communications would constitute exposure of sensitive government and public health information. The vague post and lack of proof details prevent higher certainty, but the target's sensitivity warrants high severity.Babuk claims to have breached ICMR and published data. The group does not specify what data was exfiltrated or whether systems were encrypted.
Data the group says was taken
AI dossier — extracted from the leak post- Government research records
- Medical surveillance data
- Institutional communications
What the group claims
icmr.gov.in
Sources
- Victim siteicmr.gov.in
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

