Ransomware victim disclosure
← All victimsNEXTCLINICS Czech a.s.
listed as Next Clinics · Claimed by Qilin · listed 8 days ago
Status timeline
- ListedJul 7, 2026
- Data leakeddate unknown
At a glance
- Group
- Qilin
- Status
- Data leaked
- Country
- Czechia
- Sector
- Healthcare
- Listed on leak site
- Jul 7, 2026
About the victim
AI dossier — public-source company profileNEXTCLINICS Czech a.s. is a healthcare group founded in 2015 operating in the Czech Republic and other European countries. The company operates a fertility/IVF clinic (Next Fertility IVF Prof. Zech Pilsen), next-generation diagnostic laboratories serving private practitioners and hospitals, and Nextlife, an online preventive health platform. The group combines modern diagnostic and treatment methods with personalized patient care.
- Industry
- Healthcare Services - Reproductive Medicine, Laboratory Diagnostics & Preventive Care
- Founded
- 2015
Attack summary
Severity: high — Healthcare organization with sensitive patient data (reproductive medicine, laboratory diagnostics, genetic/cytogenomic information). Confirmed data publication by ransomware group. Patient PII and medical records at scale constitute regulated sensitive data. No specific proof count visible but disclosure status indicates published data.Qilin group claims to have published data from Next Clinics. No details provided in the leak post excerpt regarding the nature of the compromise (encryption vs. exfiltration) or specific data categories.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Fertility/reproductive health data
- Laboratory test results
- Personal identifiable information
What the group claims
N/A
Sources
Source
Indexed 8 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

