Ransomware victim disclosure
← All victimsCareSTL Health
listed as carestlhealth.org · Claimed by Kawa4096 · listed 1 year ago
Status timeline
- ListedJul 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Kawa4096
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Jul 22, 2025
About the victim
AI dossier — public-source company profileCareSTL Health is a community health center based in North St. Louis serving vulnerable populations across the full spectrum of life—from prenatal to senior care. They operate multiple service locations and provide comprehensive integrated healthcare including family practice, behavioral health, pediatrics, dental, pharmacy, radiology, and women's health services.
- Industry
- Healthcare – Federally Qualified Health Center (FQHC)
Attack summary
Severity: medium — Data published by ransomware group with no proof files shown and minimal disclosure details. However, healthcare organization with patient records (PII, medical data) is inherently sensitive. CEO's May 2026 update mentions a 30-day operational disruption, confirming an incident occurred, but severity cannot be confirmed without evidence of exfiltrated data scope.The kawa4096 group has published data allegedly exfiltrated from CareSTL Health. The post provides no details on the scope of data compromised, operational disruption, or proof files.
What the group claims
carestlhealth.org
Sources
- Victim sitecarestlhealth.org
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

