Ransomware victim disclosure
← All victimsScanbo
Claimed by Killsecurity · listed 10 months ago
Status timeline
- ListedSep 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsecurity
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Sep 22, 2025
- Data size
- 600 GB
About the victim
AI dossier — public-source company profileScanbo is a healthcare technology company headquartered in Canada with global operations, offering an integrated point-of-care clinical intelligence platform. Its product stack includes the D-Series biomarker device (19 lab-grade parameters), HridayTaal cardiac AI (1M+ ECG analyses), a smart scale, ambient documentation, medication safety, and an EMR module. The platform has 750+ devices deployed across 650+ settings and has processed over 150 million health signals.
- Industry
- Point-of-Care Healthcare AI & Medical Diagnostics
Attack summary
Severity: critical — Scanbo processes regulated medical and patient health data at scale (150M+ health signals, 1M+ ECG analyses, 7M+ vital tests) across clinical settings. A confirmed data-published status by the threat actor indicates likely exfiltration of sensitive medical/health PII, which constitutes a critical severity disclosure under HIPAA and equivalent healthcare data protection frameworks.KillSecurity claims a data published disclosure against Scanbo, indicating exfiltration and/or publication of data. No specific details on the nature of encrypted or exfiltrated data are provided in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Patient health records
- ECG and cardiac data
- Biomarker and diagnostic test results
- Clinical documentation
- Electronic medical records (EMR) data
- Medication safety records
- Health signals and vital signs data
What the group claims
N/A
The leak post
captured from the group's siteFounded in 1997, iCare Software, based in the United States, delivers innovative management solutions for childcare and afterschool programs. Serving childcare centers, preschools, afterschool programs, and multi-site operations, iCare automates critical tasks like attendance tracking, staff scheduling, tuition collection, and compliance reporting. Its unique offerings include AI-driven analytics, business intelligence dashboards, and CRM tools to boost enrollment and staff retention. With seamless data migration and robust back-end technology, iCare empowers providers to focus on quality care while streamlining operations and driving growth. Cadorim simplifies money transfers to Mauritania, offering a secure, user-friendly platform for individuals and businesses. With a focus on speed, affordability, and accessibility, Cadorim enables seamless transactions in just three clicks, available around the clock. The company ensures maximum security for every transfer, provides competitive exchange rates with no fees, and processes transactions instantly. Headquartered in Brussels, Belgium, with operations in Nouakchott, Mauritania, Cadorim serves customers seeking reliable, cost-effectiv…
Sources
- Victim sitescanbo.com
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

