Ransomware victim disclosure
← All victimsHospital Italiano de Buenos Aires
Claimed by Knight · listed 3 years ago
Status timeline
- ListedOct 13, 2023
- Data leakeddate unknown
At a glance
- Group
- Knight
- Status
- Data leaked
- Country
- Argentina
- Sector
- Healthcare
- Listed on leak site
- Oct 13, 2023
About the victim
AI dossier — public-source company profileHospital Italiano de Buenos Aires is a non-profit civil association founded in 1853, dedicated to comprehensive healthcare in Argentina. It provides medical assistance, undergraduate and postgraduate medical education, and conducts health research. It is one of the largest and most prestigious private hospital networks in Argentina.
- Industry
- Hospital & Healthcare Services
- Address
- Gaspar Campos 450, Buenos Aires, Argentina
- Employees
- 5000+
- Founded
- 1853
Attack summary
Severity: critical — The victim is a major hospital handling sensitive medical and personal health information at large scale. Data has been published (not merely threatened), meaning regulated health data (PII, medical records) for potentially tens of thousands of patients is confirmed exfiltrated and exposed.The Knight ransomware group claims to have attacked Hospital Italiano de Buenos Aires and has published data (disclosed_status: data_published), indicating exfiltration of patient and/or institutional records from one of Argentina's largest hospital systems.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Personal identifying information (PII)
- Staff/personnel data
- Administrative and financial records
- Academic/research records
What the group claims
El Hospital Italiano de Buenos Aires es una asociación civil sin fines de lucro dedicada al cuidado integral de la salud. Desde 1853, brinda asistencia médica, forma alumnos de grado y de posgrado, y…
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

