Chum1ng0 - Security Research 

🇨🇱 LockBit 5.0 has now published all the information from Clínica Dávila (http://davila.cl). Remember that this medical institution was attacked by the Devman ransomware back in December last year. It appears that Devman sold a portion of the data to LockBit.

Now the question that arises: Has Clínica Dávila individually notified each patient about the attack it suffered from Devman back in December last year?

https://www.security-chu.com/2026/03/lockbit-filtra-los-datos-de-la-clinica-davila.html

#cybersecurity #ransomware #Chile #databreach #health #healthcare #lockbit #devman #research

Mar 8 at 12:21amWeb
Show threadChum1ng0 - Security Research 6d ago
Do you remember when I told you about this, @PogoWasRight?
Show threadDissent Doe  5d ago
@chum1ng0 Yes, but do you have any actual proof that Devman sold a portion of the data to LockBit5.0? Have you reached out to Devman and to LockBitSupp to inquire?
Show threadChum1ng0 - Security Research 5d ago
@PogoWasRight Compare the list of files uploaded by devman with the files uploaded by lockbit and they are all the same: paths, names...
Show threadDissent Doe  5d ago
@chum1ng0 That doesn't mean LockBit bought the data. Maybe Devman was an affiliate for LockBit for that incident. Or maybe LockBit told Devman that they would post the data for a percentage of whatever it earned? Just my opinion, but unless you have more evidence that there was an actual sale, there are too many other possible explanations to make a claim that Devman sold it to LB.