Ransomware victim disclosure
← All victimsOakBend Medical
Claimed by Daixin · listed 4 years ago
Status timeline
- ListedSep 13, 2022
- Data leakeddate unknown
At a glance
- Group
- Daixin
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Sep 13, 2022
About the victim
AI dossier — public-source company profileOakBend Medical Center is a community-based hospital and health system headquartered in Richmond, Texas. It operates 274 inpatient beds across 50+ locations, staffs approximately 450 physicians and over 1,200 employees, and serves roughly 8,500 annual inpatients, 100,000 annual outpatients, and 40,000 annual emergency room visits. The organization is focused on patient-centered medicine across the greater Fort Bend County area.
- Industry
- Hospital & Health System
- Address
- Richmond, Texas, United States
- Employees
- 1200
Attack summary
Severity: critical — OakBend Medical is a large healthcare provider handling tens of thousands of patients annually; data_published status with a threat actor known for exfiltrating regulated health data (PHI/PII) at scale constitutes a critical disclosure under HIPAA-covered entity exposure of sensitive medical and personal records.The Daixin ransomware group claims to have exfiltrated data from OakBend Medical and has published that data (disclosed_status: data_published). Given the healthcare context and scale of the organization, the exfiltrated data is likely to include sensitive patient and operational records.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records
- Personal identifiable information (PII)
- Medical/clinical data
- Employee records
- Internal operational documents
What the group claims
OakBend Medical is passionately focused on patient-centered medicine.OakBend Medical Center: 450 Physicians on staff; 1,200 + Employees; 274 Beds ;50+ Locations; 8,500 Annual inpatients; 100,000 Annual outpatients; 40,000 Annual Emergency Room visits
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

