Ransomware victim disclosure
← All victimsAIG Healthcare
listed as AIGHEALTHCARE.IN · Claimed by Cl0p · listed 4 months ago
Status timeline
- ListedMar 30, 2026
- Data leakeddate unknown
At a glance
- Group
- Cl0p
- Status
- Data leaked
- Country
- India
- Sector
- Healthcare
- Listed on leak site
- Mar 30, 2026
About the victim
AI dossier — public-source company profileAIG Healthcare (aighealthcare.in) is an India-based healthcare organisation. Based on the domain and sector classification, the company likely provides medical or health-related services within India. No further details could be confirmed from the public site or leak post.
- Industry
- Healthcare Services
Attack summary
Severity: high — The victim operates in the healthcare sector in India, and the disclosure status is 'data_published', suggesting exfiltration of potentially sensitive medical or personal data. Healthcare data breaches typically involve regulated PII and patient records, warranting a high severity rating, though the absence of confirmed proof details prevents a critical classification.The Clop ransomware group has listed AIG Healthcare under a disclosed/data-published status, implying data exfiltration has occurred or been threatened. The leak post itself provided no readable content beyond a redirect queue message, so specific claims about encryption or data types could not be verified.
Data the group says was taken
AI dossier — extracted from the leak post- Patient records (inferred)
- Healthcare operational data (inferred)
Original description
AI-summarised, not from the leak postN/A
The leak post
captured from the group's siteYou have been placed in a queue, awaiting forwarding to the platform. Please do not refresh the page, you will be automatically redirected.
Sources
Source
Indexed 4 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

