Ransomware victim disclosure
← All victimsIntraCare
listed as Inter care · Claimed by Devman · listed 7 months ago
Status timeline
- ListedDec 9, 2025
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Dec 9, 2025
About the victim
AI dossier — public-source company profileIntraCare (theintracare.com) is a U.S.-based primary care and value-based care provider serving patients directly. The organization operates in the healthcare sector, offering primary care services with a focus on value-based care models. Specific locations and scale are not determinable from available data.
- Industry
- Primary & Value-Based Healthcare
Attack summary
Severity: critical — Confirmed exfiltration and publication of patient data (PHI) from a healthcare provider constitutes a HIPAA-regulated data breach at potential scale, combined with full financial records including a QuickBooks dump — meeting the critical threshold for regulated sensitive data.The group 'devman' claims to have exfiltrated a full QuickBooks dump, patient data, and financial data from IntraCare; the disclosure status is marked as data_published, indicating the stolen data has been released.
Data the group says was taken
AI dossier — extracted from the leak post- QuickBooks accounting database dump
- Patient records / protected health information (PHI)
- Financial data
What the group claims
Full quickbooks dump, patients data, and financial data
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

