Ransomware victim disclosure
← All victimsVIPP - Vascular and Interventional Center Development and Management Group
listed as VIPPLLC.COM · Claimed by Cl0p · listed 5 months ago
Status timeline
- ListedFeb 7, 2026
- Data leakeddate unknown
At a glance
- Group
- Cl0p
- Status
- Data leaked
- Listed on leak site
- Feb 7, 2026
About the victim
AI dossier — public-source company profileVIPP (Vascular and Interventional Center Development and Management Group) owns and operates a group of cardiovascular cath labs, surgical facilities, and diagnostic centers across California. The physician-led organization specializes in comprehensive vascular and wound care for diabetic patients, employing interventional radiologists, cardiologists, vascular surgeons, and surgical podiatrists. It is described as one of the largest integrated vascular/diabetic care providers in California, with a focus on reducing lower extremity amputations.
- Industry
- Vascular & Interventional Healthcare Services
Attack summary
Severity: critical — VIPP is a healthcare organization handling sensitive patient medical data including diabetic and vascular care records, which constitutes regulated PHI/PII under HIPAA. The disclosed status is 'data_published', confirming actual exfiltration and release of likely regulated medical data at scale.Cl0p claims to have compromised VIPPLLC.COM and has moved to the data_published stage, indicating exfiltration and publication of data. The leak post content is not detailed, but the disclosed status confirms data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Healthcare operational data
- Physician and staff information
- Insurance contract data
- Diagnostic and surgical facility records
Original description
AI-summarised, not from the leak postN/A
Sources
- Victim siteVIPPLLC.COM
Source
Indexed 5 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

