Ransomware victim disclosure
← All victimsCoalinga Regional Medical Center
Claimed by Worldleaks · listed 1 year ago
Status timeline
- ListedJul 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Worldleaks
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Jul 21, 2025
About the victim
AI dossier — public-source company profileCoalinga Regional Medical Center is a non-profit hospital in Coalinga, California, providing comprehensive medical services including emergency care, surgery, diagnostic imaging, rehabilitation, skilled nursing, pharmacy, and clinical laboratory services to the local community.
- Industry
- Healthcare - Hospital
- Address
- 1191 Phelps Ave. Coalinga, CA 93210
Attack summary
Severity: medium — Healthcare provider with presumed access to regulated PII (HIPAA-protected patient data); however, the leak post provides no proof files, no confirmed exfiltration evidence, and no data size estimate. Listing alone with healthcare sector involvement warrants medium rather than low.The worldleaks group claims to have attacked Coalinga Regional Medical Center. No specific details are provided regarding whether data was exfiltrated, encrypted, or the nature of accessed information.
Data the group says was taken
AI dossier — extracted from the leak post- patient records
- medical histories
- billing information
- pharmacy data
- laboratory results
Original description
AI-summarised, not from the leak postCoalinga Regional Medical Center is a healthcare facility based in Coalinga, California. This non-profit organization is dedicated to providing medical care to the local community. It offers a variety of medical services such as surgery, emergency care, diagnostic imaging, and rehabilitation services. Despite facing financial difficulties, it continues its operations, remaining focused on improving the health and welfare of the residents in the region.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

