Vice Society
| Primary URL | Location | Industry | Undetermined |
Country
—
|
Healthcare
|
|---|
Profile
Vice Society is a cybercriminal group that carries out ransomware attacks and data‑exfiltration operations, primarily targeting organisations in the telecommunications and healthcare sectors. Their activities involve gaining unauthorized access to networks, disrupting services, and stealing sensitive information which is then threatened with public release on leak sites. In November 2022 they attacked a telecommunications company in Paraguay, causing service disruptions while core operations remained largely unaffected due to preventive measures, and they also exposed isolated digital wallet platform issues for some users. The same month they leaked patient health data from the Spanish medical institution Unidad Medica AngloAmericana, posting the information on their leak site without any official acknowledgment or response from the victim organisation. These incidents demonstrate their pattern of compromising critical infrastructure and health‑related entities to obtain valuable data for extortion or public shaming.
Vice Society’s distinguishing attributes include a focus on double‑extortion tactics where they both encrypt systems and threaten to leak stolen data, although ransom demands are not always reported in their public actions. They have shown a particular interest in healthcare organisations, seeking to exfiltrate and disseminate protected health records without immediate ransom negotiations, as seen in the Spanish medical facility case. The group operates across multiple geographic regions, affecting entities in Latin America and Europe, indicating an international reach rather than a confined local scope. Their use of leak sites to publish victim data serves as a reputational pressure tactic, distinguishing them from groups that rely solely on encryption for profit. While no explicit details about their organisational structure, ownership, or size are provided in the source material, the observed behaviour highlights a specialised focus on data theft and service disruption as core components of their criminal methodology.