Ransomware victim disclosure
← All victimsClínica del Meta
listed as Inversiones Clinica Del Meta SA · Claimed by Medusa · listed 1 year ago
Status timeline
- ListedFeb 28, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- Colombia
- Sector
- Healthcare
- Listed on leak site
- Feb 28, 2025
- Ransom demanded
- $100000
About the victim
AI dossier — public-source company profileClínica del Meta is a healthcare provider in Colombia operating under the corporate entity Inversiones Clínica Del Meta SA. The organization provides clinical services to patients in the Meta region.
- Industry
- Healthcare - Clinical Services
Attack summary
Severity: critical — Exfiltration of patient medical records and personally identifiable information (PII) at a healthcare organization constitutes regulated data exposure under healthcare privacy regimes. Patient information and employee credentials represent sensitive personal and health data at scale.Medusa claims to have exfiltrated employee information, patient data, service agreements, credentials, and appointment records from Clínica del Meta. The group is offering 1-day access to the stolen dataset for $100,000.
Data the group says was taken
AI dossier — extracted from the leak post- employee information
- patient information
- service agreements
- password data
- appointment information
What the group claims
www.clinicameta.co Description employee information – patient information – agreements – password data – appointment information Sold with 1-day access Price-$100000 (sale in one hand there are options for making a profit from these files will be included in the deal)
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

