Ransomware victim disclosure
← All victimsDoctocliq
Claimed by Killsecurity · listed 11 months ago
Status timeline
- ListedAug 19, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsecurity
- Status
- Data leaked
- Country
- Mexico
- Sector
- Healthcare
- Listed on leak site
- Aug 19, 2025
- Data size
- 600 GB
About the victim
AI dossier — public-source company profileDoctocliq is a cloud-based medical and dental practice management platform serving healthcare professionals across 20+ countries in Latin America. The platform integrates patient records, scheduling, financial management, and patient communication with AI capabilities, serving over 4,000 doctors and dentists.
- Industry
- Healthcare Software & Medical Practice Management
- Employees
- 51-200
Attack summary
Severity: high — Confirmed data publication from a healthcare platform hosting sensitive patient medical records, clinical histories, and financial data across thousands of medical practices. This constitutes exfiltration of regulated healthcare information (PII and medical data) at scale, even without explicit proof file counts.Killsecurity claims to have breached Doctocliq and exfiltrated data. The post does not explicitly state what data was taken or whether systems were encrypted, but the disclosure status indicates data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records (clinical histories)
- Patient contact information
- Financial transaction records
- Doctor/clinic operational data
- Scheduling and appointment data
What the group claims
En Doctocliq ayudamos a miles de doctores en 19 países a gestionar sus consultorios de forma más eficiente, rentable y humana, con una plataforma que conecta agenda, expediente clínico, finanzas y comunicación con pacientes mediante inteligencia artificial. Estamos construyendo la infraestructura digital para que millones de profesionales de la salud en Latinoamérica lideren su propio crecimiento. Nuestro equipo crece con la misma velocidad que nuestra visión: si te apasiona la tecnología, el impacto social y el trabajo colaborativo, aquí puedes transformar la salud junto a nosotros.
The leak post
captured from the group's siteFounded in 1997, iCare Software, based in the United States, delivers innovative management solutions for childcare and afterschool programs. Serving childcare centers, preschools, afterschool programs, and multi-site operations, iCare automates critical tasks like attendance tracking, staff scheduling, tuition collection, and compliance reporting. Its unique offerings include AI-driven analytics, business intelligence dashboards, and CRM tools to boost enrollment and staff retention. With seamless data migration and robust back-end technology, iCare empowers providers to focus on quality care while streamlining operations and driving growth. Cadorim simplifies money transfers to Mauritania, offering a secure, user-friendly platform for individuals and businesses. With a focus on speed, affordability, and accessibility, Cadorim enables seamless transactions in just three clicks, available around the clock. The company ensures maximum security for every transfer, provides competitive exchange rates with no fees, and processes transactions instantly. Headquartered in Brussels, Belgium, with operations in Nouakchott, Mauritania, Cadorim serves customers seeking reliable, cost-effectiv…
Sources
- Victim sitedoctocliq.com
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

