[MEDUSA] – Ransomware Victim: PT Kalimantan Prima Persada

AI Generated Summary of the Ransomware Leak Page

PT Kalimantan Prima Persada (KPP) is identified on the leak page as the victim, with the post attributed to the Medusa ransomware group. The page frames KPP as an energy-sector operator focused on coal mining in Kalimantan and provides background on its corporate footprint, noting operations in South Kalimantan and East Kalimantan and a workforce of about 1,872 employees, headquartered in Jakarta, Indonesia. The timestamp on the page is 2025-11-06 18:04:53, which serves as the post date; there is no explicit compromise date provided, and the post presents a data-leak narrative rather than a traditional encryption event. No ransom amount or demand is disclosed in the readable content, and the material concentrates on the victim’s business footprint rather than detailing specific data categories or volumes. The page also shows a gating step, indicating human verification is required to access further details.

The page shows no visible screenshots or media assets accompanying the claim (images_count = 0). A claim URL is indicated as present in the data, but the scraped excerpt does not reveal an accessible link. PII is redacted, including street addresses and contact details, while the victim name remains intact. The body excerpt reveals a captcha-based verification prompt, which limits access to the leaked material in the current view. Taken together, the post asserts a data-leak incident against PT Kalimantan Prima Persada, published on 6 November 2025, with no publicly displayed data volumes, samples, or ransom figures in the available material.