Summary
On July 15, 2025, the ransomware group Flocker claimed responsibility for an attack targeting Global Healthcare Academy (globalhealthcareacademy.org), a renowned NGO providing healthcare education. The attackers have threatened to release sensitive data if their demands are not met.
Incident Report
| Field | Details |
|---|---|
| Target | Global Healthcare Academy |
| Domain | globalhealthcareacademy.org |
| Country | Unavailable |
| Attacking Group | Flocker |
| Date Reported | July 15, 2025 |
| Threat Actor Statement | “The full leak will be published soon unless a representative contacts us via the channels provided.” |
About Global Healthcare Academy
Global Healthcare Academy is a leading NGO focused on advancing healthcare education and training. With a commitment to improving healthcare systems worldwide, the organization collaborates with various entities to provide quality education and resources.
About Flocker
Flocker is a notorious ransomware group known for targeting high-profile organizations and demanding hefty ransoms in exchange for not releasing sensitive data. Their operations are sophisticated and often involve compromising main servers and leveraging third-party vulnerabilities.
Proactive Response to Ransomware Threats
Organizations can mitigate the risks posed by ransomware attacks through proactive measures such as darkweb monitoring and regular security audits. Darkweb monitoring is crucial for identifying potential threats and data breaches before they escalate. We encourage organizations to utilize tools like the email breach checker to stay vigilant and protect their assets.
Recommendations
- Monitor your domains and email addresses for exposure using reputable threat intelligence tools.
- Conduct a full compromise assessment and incident response drill internally.
- Verify backups and ensure they are offline and ransomware-resistant.
- Educate staff on phishing, social engineering, and lateral movement techniques used by groups like Qilin.
- Engage with cyber forensics and legal counsel before initiating contact with threat actors.
Check Your Exposure
Wondering if your organization or employees are impacted by recent breach activity?
-
Check domain-wide breach exposure:
mspdarkintel.com/domain-breach-scan -
Check if an email was breached:
mspdarkintel.com/email-breach-scan
Disclaimer
The MSPDarkIntel team does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information.
All breach data reported here is sourced from publicly available threat intelligence feeds for awareness and early-warning purposes only.
Our goal is to inform organizations of emerging threats so they can take timely defensive action.
Table of Contents
