Ransomware victim disclosure
← All victimsNorthland Auto Solutions
Claimed by Spacebears · listed 10 months ago
Status timeline
- ListedSep 10, 2025
- Data leakeddate unknown
At a glance
- Group
- Spacebears
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Sep 10, 2025
About the victim
AI dossier — public-source company profileNorthland Auto Solutions is a Burnsville, Minnesota-based company providing dealership solutions and insurance services to the automotive industry since 1990. The company offers used car leasing programs, daily car rental programs, GPS tracking devices, dealer/surety bonds, vehicle funding, and specialty insurance products such as collateral protection and excess contingent liability insurance. Its services are marketed to used-car dealerships and rental operations across the United States.
- Industry
- Automotive Dealership & Insurance Solutions
- Address
- Burnsville, MN, United States
- Founded
- 1990
Attack summary
Severity: critical — The published data inventory includes regulated medical records, intimate patient photos, and full PII from a healthcare provider — constituting sensitive health data at scale, likely subject to HIPAA — regardless of the victim-name mismatch, the disclosed data is of critical sensitivity.The Spacebears ransomware group has published data claimed to be stolen from a victim; however, the leak post content references InVogue Women Healthcare, PLLC (a Texas OB/GYN practice), not Northland Auto Solutions, suggesting a possible mismatch between the listed victim and the published data. The disclosed data includes patient PII, intimate patient photos, medical histories, staff personal data, financial reports, databases, and email archives.
Data the group says was taken
AI dossier — extracted from the leak post- Patient email addresses
- Patient residential addresses
- Patient telephone numbers
- Patient intimate photos
- Patient medical histories
- Staff salary and position data
- Financial reports
- Databases
- Outlook PST email archives (@invoguemd.com)
- Other confidential documentation
What the group claims
Our Company—Over 30 years of Success and LeadershipNorthland Auto Solutions is proud to be your preferred dealership solutions and insurance services provider. Founded in 1990 by Executive Director Allen Lentsch, we provide dealers with programs to support used car leasing, daily rentals, and all your dealership’s insurance needs. Northland is also known for ancillary products such as bonds, dealer supplies and GPS devices.The real surprise you’ll find in doing business with us is that we are approachable, knowledgeable, and share our experiences in ways that you can understand, learn from, and follow.- Database- Financial documents- Personal information of employees and clients https://northlandautosolutions.com/
The leak post
captured from the group's site## InVogue Women Healthcare, PLLC (USA,TX) **In addition to specializing in obstetrics and gynecology, InVogue Women Healthcare offers primary care services for a variety of health issues including obesity, thyroid disease, hypertension and common ailments such as colds and flu.** _- Patient Data (e-mail addresses, residential addresses, telephone numbers)- Patient Photo (including intimate photos)- Patient Medical Histories- Stuff Personal Data (including salary and position data)- Financial Reports- Databases- *@invoguemd.com Outlook pst's- Other Valueable and Confidential Documentation_
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

