Ransomware Group: MEDUSA

VICTIM NAME: Comcast

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the MEDUSA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On September 26, 2025 at 15:59:02, a leak page attributed to the Medusa ransomware group names Comcast as a victim. Comcast is described as a United States–based telecommunications and media technology company with global operations spanning residential connectivity and platforms, business services connectivity, and media/entertainment segments. The page lists the corporate headquarters location as Philadelphia, United States, but the exact street address has been redacted to protect PII. The post claims about 182,000 employees and asserts that 834.4 GB of data has been leaked. The incident is framed as a data leakage event rather than encryption of systems, and the page is categorized under Telecommunication to reflect Comcast’s industry footprint.

The leak page reports no visible screenshots or image attachments (0 images) and appears gated behind a human verification step (“Human verification required…”). It notes that a claim URL is present on the page, though no actual data samples are shown in this public excerpt, and there is no explicit ransom amount disclosed within the accessible content. The stated data volume (834.4 GB) supports a data-leak claim rather than a simple encryption event, and the page provides no additional details about the data types involved in the breach.

In summary, Comcast is the victim named on a Medusa-linked leak page published on September 26, 2025. The page asserts a data leakage of 834.4 GB, with the post date serving as the release date since no compromise date is provided. The page’s content is gated, there are no visible images or attachments, and sensitive details such as the physical address have been redacted to protect privacy. The presence of a claim URL on the page is noted, but the publicly visible material does not include any ransom figure or explicit data types from the breach.