Ransomware victim disclosure
← All victimsInstituto Cardiovascular del Cesar
listed as icvc.co - Instituto Cardiovascular del Cesar · Claimed by Babuk · listed 1 year ago
Status timeline
- ListedMar 29, 2025
- Data leakeddate unknown
At a glance
- Group
- Babuk
- Status
- Data leaked
- Country
- Colombia
- Sector
- Healthcare
- Listed on leak site
- Mar 29, 2025
About the victim
AI dossier — public-source company profileInstituto Cardiovascular del Cesar is a private healthcare organization in Valledupar, Colombia, providing medium and high-complexity cardiovascular and general medical services. It operates a modern facility offering surgical services, cardiology interventions, hemodialysis, imaging diagnostics, emergency care, and specialized consultation, with a focus on scientific evidence-based practice and medical education.
- Industry
- Healthcare - Cardiovascular & General Hospital Services
- Address
- Carrera 16 # 16A – 42, Barrio Santana, Valledupar, Colombia
Attack summary
Severity: high — Healthcare provider in Colombia with patient data at risk. Even without explicit proof files listed, a confirmed attack on a hospital system handling sensitive medical and personal information is inherently high-severity due to regulated healthcare data exposure and operational continuity risk.Babuk claims to have compromised Instituto Cardiovascular del Cesar. The leak post provides minimal detail on the nature of the attack (encryption, exfiltration, or both) or specific data at risk.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Hospital operational data
- Organizational records
What the group claims
icvc.co - Instituto Cardiovascular del Cesar
Sources
- Victim siteicvc.co
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

