{
	"id": "d2150118-8542-4f07-ac84-682e9ffb0782",
	"created_at": "2026-04-06T00:17:59.261385Z",
	"updated_at": "2026-04-10T13:12:34.139949Z",
	"deleted_at": null,
	"sha1_hash": "0a0325946511277d8c1ad2159dbf4ae1b44a9c82",
	"title": "Healthcare giant Grupo Fleury hit by REvil ransomware attack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 3004994,
	"plain_text": "Healthcare giant Grupo Fleury hit by REvil ransomware attack\r\nBy Lawrence Abrams\r\nPublished: 2021-06-23 · Archived: 2026-04-05 19:07:28 UTC\r\nBrazilian medical diagnostic company Grupo Fleury has suffered a ransomware attack that has disrupted business operations\r\nafter the company took its systems offline.\r\nGrupo Fleury is the largest medical diagnostics company in Brazil, with over 200 service centers and more than 10,000\r\nemployees. The company performs approximately 75 million clinical exams in a year.\r\nStarting yesterday, the Fleury website began displaying an alert warning that they suffered an attack and that systems are no\r\nlonger accessible.\r\nhttps://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nAnnouncement on the website about the cyberattack\r\n\"Please be advised that our systems are currently unavailable and that we are prioritizing the restoration of services,\" read\r\nthe alert translated into English.\r\n\"The causes of this unavailability originated from the attempted external attack on our systems, which are having operations\r\nreestablished with all the resources and technical efforts for the rapid standardization of our services.\"\r\nWith their systems shut down, business operations are disrupted, and patients are unable to schedule lab tests or other\r\nclinical exams online.\r\nIf you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal\r\nat +16469613731 or on Wire at @lawrenceabrams-bc.\r\nGrupo Fleury allegedly hit by ransomware\r\nWhile local media has received confirmation that the company has suffered a cyberattack, Grupo Fleury has not\r\nofficially confirmed a ransomware attack.\r\nHowever, multiple cybersecurity sources have told BleepingComputer that Grupo Fleury suffered an attack by the\r\nransomware operation known as REvil, also known as Sodinokibi.\r\nThis ransomware operation is responsible for numerous high-profile attacks, including Brazil's Rio Grande do Sul court\r\nsystem, nuclear weapons contractor Sol Oriens, and JBS, the world's largest meat producer.\r\nIn a sample of the ransomware used in the attack and shared with BleepingComputer, the REvil ransomware operation is\r\ndemanding $5 million to receive a decryptor and not leak allegedly stolen files.\r\nRansom demand from sample shared with BleepingComputer\r\nREvil is known for stealing files before encrypting devices and then using the stolen data as leverage to get a company to\r\npay the ransom.\r\nFrom the ransomware sample, no proof of stolen data or mention of the victim's name has been shared by the attackers at\r\nthis time.\r\nhttps://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/\r\nPage 3 of 4\n\nIf data has been stolen, Grupo Fleury's data is of significant concern as it could contain enormous amounts of personal and\r\nmedical data of patients.\r\nBleepingComputer has contacted Grupo Fleury with further questions but has not received a response at this time.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/\r\nhttps://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/"
	],
	"report_names": [
		"healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775434679,
	"ts_updated_at": 1775826754,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0a0325946511277d8c1ad2159dbf4ae1b44a9c82.pdf",
		"text": "https://archive.orkl.eu/0a0325946511277d8c1ad2159dbf4ae1b44a9c82.txt",
		"img": "https://archive.orkl.eu/0a0325946511277d8c1ad2159dbf4ae1b44a9c82.jpg"
	}
}