The notorious Everest ransomware group has added Mediclinic Group South Africa to its leak site, claiming to have exfiltrated sensitive internal data, including the personal records of 1,000 employees. The attackers allege they have obtained 4 GB of confidential company data, which is now being used as leverage for extortion or potentially exposed on the dark web.
According to the post on Everest’s leak site, the following data was compromised:
- Personal information of 1,000 employees
- Internal documents and confidential files
- Screenshots showing payroll details, IDs, internal communication, and sensitive PDFs
- Total dump size: 4 GB