Ransomware victim disclosure
← All victimsProCure Proton Therapy Center
listed as procure.com · Claimed by Devman · listed 8 months ago
Status timeline
- ListedNov 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Devman
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Nov 21, 2025
- Data size
- 40 GB
About the victim
AI dossier — public-source company profileProCure Proton Therapy Center is New Jersey's first and longest-established proton therapy cancer treatment center, operating since 2012. Located in New Jersey, it has treated more than 7,500 patients using advanced Pencil Beam Scanning technology. The center provides specialized radiation oncology services for conditions including prostate cancer, brain tumors, breast cancer, and pediatric cancers.
- Industry
- Oncology / Proton Therapy Cancer Treatment
- Address
- New Jersey, United States
- Founded
- 2012
Attack summary
Severity: critical — The victim is a medical/oncology treatment center; 40 GB of exfiltrated data with a claim of 120,000 records almost certainly includes protected health information (PHI) and PII at scale, constituting regulated medical data under HIPAA and representing a critical-severity breach.The group 'devman' claims to have exfiltrated approximately 40 GB of data from ProCure Proton Therapy Center, with a reference to 120,000 records. The disclosed status indicates the data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records (estimated 120,000)
- Medical/clinical data
- Personally identifiable information (PII)
- Insurance information
- Patient portal data
What the group claims
Ransom: data theft 40gb 120K
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

