Argentina
ARRansomware victim intelligence profile ยท Ranked #20 globally ยท Updated: May 28, 2026
Ransomware Threat Profile: Argentina
Argentina ranks #20 globally for ransomware attacks, with 116 confirmed victims in this database โ representing 0.6% of the worldwide total. The most active ransomware groups targeting Argentina include Qilin, Safepay, Thegentlemen.
The most frequently targeted industries in Argentina are Healthcare, Agriculture and Food Production, Manufacturing. The healthcare sector is particularly vulnerable because attacks on hospitals and medical providers can create life-threatening situations, increasing pressure to pay ransoms quickly.
Argentina's attack volume reflects broader trends in ransomware targeting: the volume of attacks reflects the country's integration into the global economy and the proliferation of ransomware operations that target organisations of all sizes worldwide.
Organisations in Argentina should consider the active threat groups documented here when assessing their cybersecurity posture, implementing detection rules, and prioritising incident response planning.
Recent Victims in Argentina (20 cached of 116 total)
| # | Organization | Group | Sector | Date |
|---|---|---|---|---|
| 1 | Sanatorio Delta | Thegentlemen | Healthcare | May 24, 2026 |
| 2 | grupopetersen.com.ar | Apt73 | Agriculture and Food Production | May 21, 2026 |
| 3 | Vial Agro | Qilin | Agriculture and Food Production | May 20, 2026 |
| 4 | CLINICA AVELLANEDA MEDICAL CENTER | Qilin | Healthcare | May 16, 2026 |
| 5 | Buenos Aires Software | Coinbasecartel | Technology | May 13, 2026 |
| 6 | Shipping Services | Qilin | Transportation/Logistics | May 8, 2026 |
| 7 | Triquim | Thegentlemen | Manufacturing | May 6, 2026 |
| 8 | SanCor | Qilin | Agriculture and Food Production | Apr 25, 2026 |
| 9 | cheeky.com.ar | Safepay | Consumer Services | Apr 17, 2026 |
| 10 | INDESMALLA | Akira | Manufacturing | Apr 15, 2026 |
| 11 | Debene S.A. | Pรกgina Principal | Timc | Manufacturing | Apr 9, 2026 |
| 12 | Grupo PyD | Gunra | Construction | Apr 8, 2026 |
| 13 | Hospital del Sur | Thegentlemen | Healthcare | Apr 8, 2026 |
| 14 | TR Construya | Qilin | Construction | Mar 28, 2026 |
| 15 | Estudio O'Farrell | Crypto24 | Business Services | Mar 24, 2026 |
| 16 | Curtiembre Austral S.R.L. | Qilin | Manufacturing | Mar 11, 2026 |
| 17 | Perfumeria Pigmento | Thegentlemen | Consumer Services | Feb 21, 2026 |
| 18 | RC Collecting | Qilin | Consumer Services | Feb 4, 2026 |
| 19 | adifse.com.ar | Safepay | Public Sector | Jan 24, 2026 |
| 20 | Borg Argentina | Qilin | โ | Jan 24, 2026 |
Frequently Asked Questions
How many ransomware attacks have occurred in Argentina?
Argentina has recorded 116 ransomware victim disclosures in this database, ranking #20 globally. This represents 0.6% of all tracked ransomware attacks worldwide.
Which ransomware groups target Argentina?
The ransomware groups most active in Argentina are Qilin, Safepay, Thegentlemen, Akira. These groups collectively account for the majority of victim disclosures attributed to Argentina.
Which industries are most targeted by ransomware in Argentina?
In Argentina, the most frequently targeted sectors are Healthcare, Agriculture and Food Production, Manufacturing. These industries hold valuable data and often have critical operational requirements that make them attractive ransomware targets.
How does Argentina rank globally for ransomware attacks?
Argentina ranks #20 globally for ransomware attacks with 116 victim disclosures, representing 0.6% of the worldwide total of 18,180 tracked victims.
How can organisations in Argentina protect against ransomware?
Organisations in Argentina should implement a layered security approach including regular offline backups, network segmentation, multi-factor authentication, endpoint detection and response (EDR) tools, and employee security awareness training. Monitoring threat intelligence feeds for active groups targeting Argentina is also recommended.