Backmydata
Backmydata is a ransomware operation linked in the provided content to a large-scale incident in Romania’s healthcare sector. In February 2024, a Backmydata ransomware attack impacted healthcare management systems and resulted in more than 100 Romanian hospitals being knocked offline. No additional high-confidence details on Backmydata’s tooling, initial access methods, leak-site behavior, affiliates, or sub-groups are provided in the content.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Recent activity
3 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Ransomware operation referenced as having disrupted healthcare management systems, knocking offline over 100 Romanian hospitals (Feb 2024).
Conducting ransomware attacks against healthcare organizations, disrupting healthcare management systems.
Backmydata is known for ransomware attacks, including a major incident in February 2024 that disrupted healthcare management systems in over 100 Romanian hospitals.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.