Ransomware victim disclosure
← All victimsAdvarra
listed as Warning to Advarra & Gadi! · Claimed by Alphv · listed 3 years ago
Status timeline
- ListedNov 3, 2023
- Data leakeddate unknown
At a glance
- Group
- Alphv
- Status
- Data leaked
- Sector
- Healthcare
- Listed on leak site
- Nov 3, 2023
About the victim
AI dossier — public-source company profileAdvarra is a clinical trial management and IRB (Institutional Review Board) oversight platform that enables the research ecosystem to develop life-changing therapies. They provide operational intelligence and collaboration tools for research sites, institutions, sponsors, and CROs (Contract Research Organizations) throughout the protocol lifecycle.
- Industry
- Clinical Research & Healthcare Technology
Attack summary
Severity: high — Confirmed data publication by ALPHV targeting a healthcare clinical research platform. Compromise of clinical trial management systems exposes sensitive research data, IRB oversight records, and potentially patient/trial participant information at scale. Healthcare sector classification and confirmed exfiltration elevate severity despite lack of ransom demand or specific proof count details.ALPHV claims to have compromised Advarra and published exfiltrated data. The specific scope of data exfiltration and operational impact are not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Clinical trial data
- IRB records
- Research protocols
- Institutional information
- Sponsor/CRO operational data
What the group claims
Advancing clinical research by enabling the research ecosystem to develop life-changing therapies.
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

