Security researchers have unmasked a fake ransomware operation calling itself “0APT” that’s been causing waves in cybersecurity circles with completely fabricated data breach claims. The group set up a typical ransomware leak site with a minimalist design and intimidating download buttons, but there’s just one problem—none of it’s real.
Initially targeting nameless companies nobody cared about, 0APT got bolder. They started listing big names in healthcare, finance, and government sectors. Epworth Healthcare, Allegheny Health Network, Women and Infants Hospital—all supposedly compromised. Yeah, right.
What happens when you click those scary download buttons? Nothing useful. The servers pipe random data directly into browsers—literally computer-generated gibberish. No stolen emails. No spreadsheets. No Social Security numbers. Just white noise masquerading as “evidence.”
Some of these supposed victims have faced actual cybersecurity issues in the past. FIIG Securities got slapped with a $2.5 million fine for security failures. HealthCare.gov had a test server hacked years ago. But these incidents had nothing to do with 0APT’s claims.
Researchers at DataBreaches.net checked the receipts. They contacted New Horizons Medical about 0APT’s claim of stealing 90,000 records and 236GB of data. No confirmation. Because it didn’t happen.
The scam is pretty lazy when you think about it. No malware deployment. No actual data theft. Just public fear-mongering without doing the work. Real hackers must be rolling their eyes.
What makes this concerning is the sectors targeted. Healthcare breaches trigger genuine panic about medical identity theft. Financial institutions hold our money. Government agencies hold our secrets. 0APT knows which buttons to push. Women and Infants Hospital previously reached a $150,000 HIPAA settlement after an actual breach in 2012 involving unencrypted backup tapes with sensitive patient information.
The takeaway? Not every scary headline deserves your attention. Sometimes it’s just noise—literally, in this case. Real cybersecurity threats exist, but 0APT isn’t one of them. Allegheny Health Network did experience a legitimate breach in April 2025 when their monitoring systems identified anomalous activity in their patient database, but this had no connection to 0APT’s false claims. Just another group trying to build reputation without putting in the effort. Cybercrime’s wannabe influencers, basically.
