Ransomware victim disclosure
← All victimsWoodglen Medical Group
Claimed by Anubis · listed 7 months ago
Status timeline
- ListedDec 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Anubis
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Dec 23, 2025
About the victim
AI dossier — public-source company profileWoodglen Medical Group is a medical group practice based in the United States. Based on the name, it is likely a multi-physician outpatient medical practice providing general or specialty healthcare services. No public website content was available to confirm further details about location, scale, or specialties.
- Industry
- Healthcare / Medical Practice
Attack summary
Severity: high — The victim is a healthcare provider in the US, and the status is 'data_published,' implying regulated patient or medical data (likely covered under HIPAA) has been exfiltrated and released. Even without explicit data inventory details, healthcare sector breaches with published data default to high or critical severity; the lack of confirmed PII scale detail keeps this at high rather than critical.The Anubis ransomware group has listed Woodglen Medical Group under a 'data_published' status, indicating data has been disclosed or published. The leak post is largely uninformative beyond referencing a 'Micaforce Technology Download,' suggesting some form of data exfiltration claim.
Data the group says was taken
AI dossier — extracted from the leak post- Unspecified medical or business files (implied by data_published status)
What the group claims
The biggest leak of boobies!
The leak post
captured from the group's siteAnubis blog ANUBIS NEWS FAQ ABOUT RULES English English Español Русский 中文 Deutsch Description Micaforce Technology Download
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

