Medusa Ransomware Claims Comcast Data Breach, Demands .2M
The Medusa ransomware group is claiming responsibility for a ransomware attack on Comcast Corporation, a global media and technology company best known for its broadband, television, and film businesses. According to the group’s dark web leak site, they exfiltrated 834.4 gigabytes of data and are demanding .2 million for interested buyers to download it. The same sum has been set as ransom for Comcast if the company wants the data deleted rather than leaked or sold.
To back its claims, Medusa has posted around 20 screenshots allegedly showing internal Comcast files. The group also shared a massive file listing of 167,121 entries, suggesting access to actuarial reports, product management data, insurance modeling scripts, and claim analytics. The sample paths include files such as Esur_rerating_verification.xlsx, Claim Data Specifications.xlsm, and Python, as well as SQL scripts related to auto premium impact analysis.
Medusa ransomware is known for publishing file listings and partial screenshots as proof of compromise while holding back the bulk of the data to increase ransom pressure. In this case, the nature of the files points toward actuarial and financial datasets, some of which appear to involve insurance calculations, customer data processing, and claim management systems.
To read the complete article see: