Ransomware victim disclosure
← All victimsDoctorim
Claimed by Malekteam · listed 2 years ago
Status timeline
- ListedApr 5, 2024
- Data leakeddate unknown
At a glance
- Group
- Malekteam
- Status
- Data leaked
- Country
- Israel
- Sector
- Healthcare
- Listed on leak site
- Apr 5, 2024
About the victim
AI dossier — public-source company profileDoctorim is an online medical platform operating in Israel that provides digital healthcare services. The platform serves the Israeli healthcare market.
- Industry
- Healthcare & Telemedicine
Attack summary
Severity: critical — Claimed exfiltration of personally identifiable information (names, ID numbers, contact details) at massive scale (1.2M+ individuals) from a healthcare platform, combined with claims of data destruction. Healthcare data with identity numbers represents sensitive regulated information.Malek Team claims to have exfiltrated personal data on over 1.2 million individuals and companies, including verified names, identity numbers, contact numbers, and email addresses. The group also claims to have encrypted/destroyed all data on the platform.
Data the group says was taken
AI dossier — extracted from the leak post- verified names
- identity numbers
- contact numbers
- email addresses
- phone numbers
What the group claims
🔥"Doctorim" ,in Hebrew "דוקתורים" ,is the online medical site in Israel which attacked by Malek teambased on this successful cyber attack, we have the information of more than 1,200,000 persons and companions ☠️information includes: ☠️🩸 verified names🩸 verified identity numbers,🩸 verified contact numbers🩸 verified emails & phones🩸 & etc ...🧨⚠️and we destroyed all data⚠️🧨 MALEK TEAM has everything 🔪🩸
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

