Ransomware victim disclosure
← All victimsDoctocliq
Claimed by Killsec · listed 11 months ago
Status timeline
- ListedAug 19, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsec
- Status
- Data leaked
- Country
- Mexico
- Sector
- Healthcare
- Listed on leak site
- Aug 19, 2025
About the victim
AI dossier — public-source company profileDoctocliq is a cloud-based dental and medical practice management software serving healthcare providers across 20+ countries in Latin America and beyond. The platform provides integrated tools for patient records, appointment scheduling, billing, financial reporting, marketing automation, and electronic invoicing, serving over 4,000 doctors and dentists.
- Industry
- Healthcare Software & Practice Management
Attack summary
Severity: medium — The post is primarily a listing announcement with multiple unrelated companies mixed in. No specific proof files or screenshots of Doctocliq data are advertised. The victim handles sensitive healthcare and financial data for thousands of users across multiple countries, but without confirmed exfiltration evidence or proof count, severity is capped at medium.The killsec group claims to have accessed Doctocliq's systems and published data. The leak post does not explicitly state whether data was encrypted, exfiltrated, or both, nor does it clearly detail what specific data categories from Doctocliq were compromised.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Healthcare provider credentials
- Financial transaction data
- Billing information
What the group claims
En Doctocliq ayudamos a miles de doctores en 19 países a gestionar sus consultorios de forma más eficiente, rentable y humana, con una plataforma que conecta agenda, expediente clínico, finanzas y comunicación con pacientes mediante inteligencia artificial. Estamos construyendo la infraestructura digital para que millones de profesionales de la salud en Latinoamérica lideren su propio crecimiento. Nuestro equipo crece con la misma velocidad que nuestra visión: si te apasiona la tecnología, el impacto social y el trabajo colaborativo, aquí puedes transformar la salud junto a nosotros.
The leak post
captured from the group's siteFounded in 1997, iCare Software, based in the United States, delivers innovative management solutions for childcare and afterschool programs. Serving childcare centers, preschools, afterschool programs, and multi-site operations, iCare automates critical tasks like attendance tracking, staff scheduling, tuition collection, and compliance reporting. Its unique offerings include AI-driven analytics, business intelligence dashboards, and CRM tools to boost enrollment and staff retention. With seamless data migration and robust back-end technology, iCare empowers providers to focus on quality care while streamlining operations and driving growth. Cadorim simplifies money transfers to Mauritania, offering a secure, user-friendly platform for individuals and businesses. With a focus on speed, affordability, and accessibility, Cadorim enables seamless transactions in just three clicks, available around the clock. The company ensures maximum security for every transfer, provides competitive exchange rates with no fees, and processes transactions instantly. Headquartered in Brussels, Belgium, with operations in Nouakchott, Mauritania, Cadorim serves customers seeking reliable, cost-effectiv…
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

