Ransomware victim disclosure
← All victimsGrace Lutheran Foundation
Claimed by Alphv · listed 2 years ago
Status timeline
- ListedFeb 9, 2024
- Data leakeddate unknown
At a glance
- Group
- Alphv
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Feb 9, 2024
About the victim
AI dossier — public-source company profileGrace Lutheran Foundation (operating as Grace Lutheran Communities) is a senior care organization founded in 1960 serving the Chippewa Valley region of Wisconsin. They operate multiple facilities providing independent living apartments, assisted living, memory care, skilled nursing & rehabilitation, adult day services, and school-aged childcare programs across locations in Altoona, Eau Claire, and Chippewa Falls.
- Industry
- Senior Care & Healthcare Services
- Founded
- 1960
Attack summary
Severity: critical — Confirmed exfiltration of 70GB+ of healthcare data including patient/resident records and employee information from a senior care facility. Healthcare data is regulated (HIPAA) and highly sensitive. Public disclosure confirmed.ALPHV claims to have breached Grace Lutheran Communities and exfiltrated over 70GB of data including employee and patient/customer records. The group states that negotiations failed and has publicly released the data.
Data the group says was taken
AI dossier — extracted from the leak post- employee records
- patient records
- customer data
What the group claims
Grace Lutheran Foundation Inc. is an organization who offers many areas of care for seniors including: Independent apartments for seniors, Assisted Living, Adult Day Services, Memory Care, Short -term Rehabilitation, Skilled Nursing and School aged childcare program. The Grace Lutheran Communities network had been breached recently by our organization. As a result over 70GB of data leaked from there. After a few weeks of negotiations Grace Lutheran Communities refused to protect data of its employees and patients/customers unfortunately. That is why these data is being shared right now to public for free.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

