Ransomware Group: APT73

VICTIM NAME: www[.]polleninformation[.]at

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the APT73 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak associated with the healthcare site www.polleninformation.at presents a significant data breach involving sensitive information. This site appears to function as an informational platform regarding pollen situations but has suffered a leak that reportedly includes over 22,140 lines of personal information and credentials. The nature of the data compromises the privacy of individuals, with unverified claims suggesting that exposure includes personal identifiers, login details, and possibly health-related information. The leak underscores the risks faced by online healthcare platforms, particularly in safeguarding patient data.

According to the information retrieved, the compromise date is unspecified. However, the data was discovered and made public on November 27, 2024. The leak is attributed to a group known as APT73, which is noted for its technological capabilities and historical involvement in cyber incidents. The site operated under the .at domain and has a strong focus on pollen data, yet it is now compromised and used as a platform for threat actors. Users are warned about the potential misuse of the leaked data, emphasizing the need for heightened awareness and protective measures regarding personal information online.

The leak page also contains screenshots illustrating elements of the exposed data, though the specific contents have been sanitized to avoid the disclosure of sensitive information. The ongoing issuance of ransomware attacks against healthcare entities highlights the growing concern over cybersecurity in the industry. As the landscape of cyber threats evolves, it remains critical for organizations to adopt comprehensive security protocols to mitigate such risks and protect valuable data assets.