Ransomware victim disclosure
← All victimsWebstercare
listed as webstercare.com.au · Claimed by Payloadbin · listed 5 years ago
Status timeline
- ListedSep 9, 2021
- Data leakeddate unknown
At a glance
- Group
- Payloadbin
- Status
- Data leaked
- Country
- Australia
- Sector
- Healthcare
- Listed on leak site
- Sep 9, 2021
About the victim
AI dossier — public-source company profileWebstercare is an Australian company that invented the Webster-pak medication management system, providing medication packs, automation, software, charting, and reporting solutions for pharmacies, aged care facilities, community care providers, prescribers, and individuals. The company has been operating for over 40 years and also offers the MedCare electronic medication compliance platform connecting care teams in real-time. Their products and services are used across Australia's healthcare and aged care sectors.
- Industry
- Medication Management & Healthcare Technology
Attack summary
Severity: critical — Webstercare operates in the aged care and healthcare medication management sector in Australia, handling sensitive patient medication profiles, clinical communications, and resident health data across pharmacies and aged care facilities. A confirmed data publication event in this sector implies likely exposure of regulated healthcare and personal medical data at scale, meeting the critical threshold.The Payloadbin ransomware group claims to have compromised Webstercare, with the disclosure status recorded as data_published, indicating data has been exfiltrated and released. No specific details on encrypted systems or the precise nature of published data were captured in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Potentially patient/resident medication records
- Healthcare provider information
- Business operational data
- Software and clinical communication data
Sources
- Victim sitewebstercare.com
Source
Indexed 5 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

