Ransomware victim disclosure
← All victimsDBG Health (Arrotex Pharmaceuticals)
listed as Arrotex Pharmaceuticals · Claimed by Morpheus · listed 2 years ago
Status timeline
- ListedJan 7, 2025
- Data leakeddate unknown
At a glance
- Group
- Morpheus
- Status
- Data leaked
- Country
- Australia
- Sector
- Healthcare
- Listed on leak site
- Jan 7, 2025
- Ransom demanded
- $92M
- Estimated revenue
- $92M
About the victim
AI dossier — public-source company profileDBG Health is an Australian healthcare corporation operating multiple pharmaceutical and consumer health brands, with Arrotex as its largest prescription medicines division. The company serves approximately 15 million patients and consumers across prescription medicines, over-the-counter products, beauty and wellness brands, genetic testing, and pharmacy support services, with global operations across multiple continents.
- Industry
- Pharmaceutical Manufacturing & Distribution
- Address
- 459 Church Street, Level 3A, Richmond VIC 3121, Australia
- Employees
- 1400+
Attack summary
Severity: high — Healthcare sector company with access to sensitive patient and prescription data serving 15 million individuals; confirmed data exfiltration claim by ransomware group; $92M ransom demand indicates significant operational scope, though full data extent not yet disclosed.The morpheus group claims to have conducted a cybersecurity incident against Arrotex Pharmaceuticals (part of DBG Health). The post references data exfiltration but states 'the extent of the cybersecurity incident is not completely revealed' in available published materials.
Data the group says was taken
AI dossier — extracted from the leak post- Patient/consumer data
- Prescription records
- Business operations data
- Corporate communications
What the group claims
Website: https://dbghealth.com.au/arrotex/ Revenue: $92 Million The extent of the **cybersecurity incident** is not completely revealed in the published [article](https://dbghealth.com.au/important-
Sources
- Victim sitedbghealth.com.au
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

