Ransomware victim disclosure
← All victimsCopley at Stoughton
listed as www.copleystoughton.com · Claimed by RansomHub · listed 1 year ago
Status timeline
- ListedFeb 18, 2025
- Data leakeddate unknown
At a glance
- Group
- RansomHub
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Feb 18, 2025
About the victim
AI dossier — public-source company profileCopley at Stoughton is a privately-owned skilled nursing and rehabilitation center in Stoughton, Massachusetts, serving elderly residents since 1994. The facility provides long-term care and short-term post-acute rehabilitation services, including physical, occupational, and speech therapy, with in-house clinical staff and management.
- Industry
- Skilled Nursing & Rehabilitation Services
- Address
- Stoughton, Massachusetts, United States
- Founded
- 1994
Attack summary
Severity: high — Healthcare facility with confirmed data publication by ransomware group. Likely exposure of protected health information (PHI) and patient records at a nursing facility serving vulnerable elderly population, meeting high-severity threshold for regulated healthcare data.RansomHub claims to have attacked Copley at Stoughton, a skilled nursing facility. The group's leak post indicates data disclosure, though specific details on what data was exfiltrated or whether encryption occurred are not provided in the available excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- patient medical records
- resident personal information
- healthcare data
What the group claims
Skilled Nursing and Rehabilitation Center
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

