Ransomware victim disclosure
← All victimsPruittHealth
listed as pruitthealth.com · Claimed by NoEscape · listed 3 years ago
Status timeline
- ListedNov 18, 2023
- Data leakeddate unknown
At a glance
- Group
- NoEscape
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Nov 18, 2023
About the victim
AI dossier — public-source company profilePruittHealth is a family-owned healthcare organization headquartered in Norcross, Georgia, United States, providing long-term care, skilled nursing, hospice, home health, and pharmacy services. The company operates a network of nursing facilities and rehabilitation centers primarily across the southeastern United States. It is one of the largest post-acute care providers in the region.
- Industry
- Healthcare Services & Long-Term Care
- Employees
- 5000-10000
- Founded
- 1969
Attack summary
Severity: critical — PruittHealth is a large healthcare and long-term care provider; a confirmed data_published status by NoEscape strongly implies exfiltration of regulated patient health information (PHI/PII) at scale, which constitutes a critical severity incident under HIPAA-covered and sensitive medical data criteria.NoEscape claimed an attack on PruittHealth and the disclosure status is marked as data_published, indicating the group alleges exfiltration and/or encryption of company data and has published or released data; no specific ransom amount or data volume was captured in the available post.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records
- Personal identifiable information (PII)
- Medical/clinical data
- Employee records
- Financial records
Sources
- Victim sitepruitthealth.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

