Ransomware victim disclosure
← All victimsMedifarma
Claimed by Direwolf · listed 1 year ago
Status timeline
- ListedJun 10, 2025
- Data leakeddate unknown
At a glance
- Group
- Direwolf
- Status
- Data leaked
- Country
- Peru
- Sector
- Healthcare
- Listed on leak site
- Jun 10, 2025
- Records
- 3.600 employees
About the victim
AI dossier — public-source company profileMedifarma is a leading pharmaceutical laboratory based in Peru with operations across eight countries and a workforce exceeding 3,600 employees. The company manufactures and distributes pharmaceutical products across multiple international markets.
- Industry
- Pharmaceuticals & Laboratory Services
- Employees
- 3600
Attack summary
Severity: high — Confirmed data publication by ransomware group targeting a large-scale pharmaceutical manufacturer (3,600+ employees, 8-country presence) with access to potentially sensitive business operations, manufacturing, and proprietary pharmaceutical data.The direwolf group claims to have compromised Medifarma and published exfiltrated data. The specific data categories and operational impact are not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Pharmaceutical business records
- Operational data
What the group claims
The leading pharmaceutical laboratory in Peru, present in eight countries and with more than 3,600 employees.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

