Ransomware victim disclosure
← All victimsbiodimed.com
Claimed by Stormous · listed 2 years ago
Status timeline
- ListedDec 15, 2024
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- Ecuador
- Sector
- Healthcare
- Listed on leak site
- Dec 15, 2024
- Data size
- 60 GB
About the victim
AI dossier — public-source company profileBIODIMED is a multi-location ambulatory medical center network operating in Ecuador (Quito, Guayaquil, El Coca) for over 30 years. They specialize in occupational health, clinical diagnostics, laboratory services, telemedicine, and COVID-19 testing, serving both individual patients and corporate clients.
- Industry
- Healthcare & Occupational Medicine
- Address
- Quito, Guayaquil, and El Coca, Ecuador
- Founded
- 1993
Attack summary
Severity: critical — Confirmed exfiltration and publication of healthcare provider data including employee information and internal communications. Healthcare data involving patient records and employee PII at scale constitutes critical severity.Stormous claims to have exfiltrated 60 GB of data including employee email operations, internal messages, and 40 GB of internal documents from BIODIMED. The group has published the data.
Data the group says was taken
AI dossier — extracted from the leak post- Employee email and operations data
- Internal documents and messages
- Patient/clinical data (implied from healthcare provider context)
- Employee personal information
What the group claims
Data :60GB - Status: ? - Data type: Email operations associated with all employees - attachments include 40GB of documents related to biodimed - employee data - internal messages -
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

