A new ransomware incident has been published on the ransomware.live leak site, attributed to the threat group "gunra," targeting an entity identified as "on-us (HK)." The entry, dated 30 June 2026,…
Ransomware: qilin claims B.Care Medical Center (PH) — Healthcare
BREACH. Sourced from ransomwarelive, summarised by Matproof.
AI Analysis
What changed and what to do.
A new ransomware incident involving the Qilin group has been reported against B.Care Medical Center in the Philippines, as published on the ransomware.live leak site on May 15, 2026. This event is categorized under the BREACH framework, indicating confirmed data exfiltration and public disclosure. While the full scope of compromised data remains unverified, the healthcare sector is a critical infrastructure vertical under EU regulations, and this incident underscores the persistent threat to patient data and operational continuity.
Healthcare organizations, particularly those handling sensitive personal data under GDPR or equivalent frameworks, are directly affected. This includes hospitals, clinics, and medical data processors across the EU and their third-party vendors. The incident serves as a reminder that ransomware groups continue to target high-value, time-sensitive data, and that regulatory obligations for breach notification and data protection impact assessments remain in full force.
Compliance teams should immediately verify that their incident response plans include ransomware-specific playbooks, particularly for data exfiltration scenarios. Review and test backup isolation and recovery procedures. Ensure that breach notification timelines under GDPR (72 hours) are clearly mapped to internal escalation protocols. Finally, reassess third-party risk management for any healthcare partners or cloud service providers, as supply chain attacks remain a common vector.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
More BREACH updates
Latest in BREACH.
A new ransomware incident has been published on the ransomware.live leak site, claiming that the group "gunra" has attacked Yuditec S.A., a Uruguayan company. The entry, titled "Not Found," was…
A new ransomware incident has been published on the ransomware.live leak site, claiming that the criminal group "cmdorganization" has compromised Medlink Georgia, a healthcare organization based in…
A new ransomware incident has been published on the ransomware.live leak site, involving a US-based manufacturing company, Port Angeles Composite. The breach was posted on June 30, 2026, under the…
Map this to your controls
Connect regulatory changes to your compliance work.
Matproof maps every regulator update directly to your controls and surfaces the ones that affect your organisation — across 21 frameworks.