A new ransomware incident has been published on the ransomware.live leak site, attributed to the threat group "gunra," targeting an entity identified as "on-us (HK)." The entry, dated 30 June 2026,…
Ransomware: cmdorganization claims Medlink Georgia (GE) — Healthcare
BREACH. Sourced from ransomwarelive, summarised by Matproof.
AI Analysis
What changed and what to do.
A new ransomware incident has been published on the ransomware.live leak site, claiming that the criminal group "cmdorganization" has compromised Medlink Georgia, a healthcare organization based in Georgia. The breach is categorized under the BREACH framework, indicating that sensitive data has been exfiltrated and is at risk of public exposure. This is not a regulatory change but a live incident report that triggers immediate compliance obligations under EU and US data protection laws.
The primary affected sector is healthcare, specifically Medlink Georgia and its patients, but the incident also serves as a warning for all healthcare providers and business associates handling protected health information. Under GDPR and similar frameworks, any organization processing EU personal data must assess whether this breach impacts their supply chain or data flows, especially if Medlink Georgia processes data of EU residents.
Compliance teams should immediately verify whether their organization has any data-sharing agreements with Medlink Georgia or its affiliates. If so, conduct a risk assessment for potential cross-border data exposure, update incident response plans, and ensure breach notification procedures are ready. For all healthcare entities, this is a reminder to review ransomware defenses, segment networks, and test backup restoration processes. Monitor ransomware.live for further disclosures and coordinate with legal counsel on any mandatory reporting to supervisory authorities.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
More BREACH updates
Latest in BREACH.
A new ransomware incident has been published on the ransomware.live leak site, claiming that the group "gunra" has attacked Yuditec S.A., a Uruguayan company. The entry, titled "Not Found," was…
A new ransomware incident has been published on the ransomware.live leak site, involving a US-based manufacturing company, Port Angeles Composite. The breach was posted on June 30, 2026, under the…
On June 30, 2026, a ransomware group known as blacknevas publicly claimed responsibility for a cyberattack against Arkin Group, a business services firm. The claim was published on the…
Map this to your controls
Connect regulatory changes to your compliance work.
Matproof maps every regulator update directly to your controls and surfaces the ones that affect your organisation — across 21 frameworks.