NetRunnerPR

Also known as: NetRunnerPR

NetRunnerPR has claimed to breach the networks of Shiraume Hospital and Nippon Medical School Musashi Kosugi Hospital in Japan, exfiltrating patient PII and medical records. The actor announced plans to release a complete database on March 5, 2026, and an additional 20,000 records on February 16, 2026, contingent on undisclosed conditions. The claims were made on a cybercrime forum, accompanied by sample data to validate the breaches. NetRunnerPR’s account shows limited activity history and lacks a documented history of major ransomware operations or confirmed breaches, raising questions about the credibility of the claims.

Introduction

NetRunnerPR has claimed to breach the networks of Shiraume Hospital and Nippon Medical School Musashi Kosugi Hospital in Japan, exfiltrating patient PII and medical records. The actor announced plans to release a complete database on March 5, 2026, and an additional 20,000 records on February 16, 2026, contingent on undisclosed conditions. The claims were made on a cybercrime forum, accompanied by sample data to validate the breaches. NetRunnerPR’s account shows limited activity history and lacks a documented history of major ransomware operations or confirmed breaches, raising questions about the credibility of the claims.

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • CyberGate
  • Cyber Eye RAT

Attribution and Evidence

Information pending cataloguing.

References

References pending cataloguing.