Ransomware victim disclosure
← All victimsScanbo
Claimed by Killsec · listed 10 months ago
Status timeline
- ListedSep 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsec
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Sep 22, 2025
About the victim
AI dossier — public-source company profileScanbo, headquartered in Canada, develops handheld AI-driven medical diagnostic devices and a connected clinical intelligence platform for point-of-care use. Its product stack includes the D-Series biomarker device (19 lab-grade parameters in under 5 minutes), the HridayTaal cardiac ECG agent, a smart scale, an EMR, and AI safety/documentation agents. The company has deployed 750+ devices, completed 150M+ health signal captures, and is pursuing FDA 510(k) and Health Canada approvals.
- Industry
- AI-Powered Point-of-Care Medical Diagnostics
- Address
- Canada (headquarters; no street address stated)
Attack summary
Severity: critical — Scanbo operates in the medical diagnostics sector and handles sensitive health data including ECG analyses, blood biomarkers, and patient vital signs. A confirmed data publication by a ransomware group in this context constitutes exposure of regulated/sensitive medical data at potential scale (750+ deployed devices, 150M+ health signals captured), meeting the critical threshold.KillSec claims to have compromised Scanbo and has published the disclosure with a 'data_published' status, indicating exfiltration of company data; the post does not specify the exact volume or categories of data stolen from Scanbo specifically.
Data the group says was taken
AI dossier — extracted from the leak post- Company/business data
- Potentially patient or health signal data
- Potentially clinical or device deployment records
What the group claims
N/A
The leak post
captured from the group's siteFounded in 1997, iCare Software, based in the United States, delivers innovative management solutions for childcare and afterschool programs. Serving childcare centers, preschools, afterschool programs, and multi-site operations, iCare automates critical tasks like attendance tracking, staff scheduling, tuition collection, and compliance reporting. Its unique offerings include AI-driven analytics, business intelligence dashboards, and CRM tools to boost enrollment and staff retention. With seamless data migration and robust back-end technology, iCare empowers providers to focus on quality care while streamlining operations and driving growth. Cadorim simplifies money transfers to Mauritania, offering a secure, user-friendly platform for individuals and businesses. With a focus on speed, affordability, and accessibility, Cadorim enables seamless transactions in just three clicks, available around the clock. The company ensures maximum security for every transfer, provides competitive exchange rates with no fees, and processes transactions instantly. Headquartered in Brussels, Belgium, with operations in Nouakchott, Mauritania, Cadorim serves customers seeking reliable, cost-effectiv…
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

