The Medusa ransomware group is claiming duty for a ransomware assault on Comcast Company, a world media and expertise firm greatest recognized for its broadband, tv, and movie companies.
In accordance with the group’s darkish internet leak web site, they exfiltrated 834.4 gigabytes of knowledge and are demanding $1.2 million for patrons to obtain it. The identical sum has been set as ransom for Comcast if the corporate needs the information deleted slightly than leaked or offered.
To again its claims, Medusa has posted round 20 screenshots allegedly displaying inner Comcast information. The group additionally shared a large file itemizing of 167,121 entries, suggesting entry to actuarial reviews, product administration information, insurance coverage modelling scripts, and declare analytics.
The pattern paths embody information similar to Esur_rerating_verification.xlsx, Declare Knowledge Specs.xlsm, and Python, in addition to SQL scripts associated to auto premium affect evaluation.
Comcast and Cybersecurity
In your data, Comcast owns NBCUniversal, which operates NBC, Telemundo, Common Photos, Sky (in Europe), and a variety of TV networks, movie studios, and streaming platforms like Peacock.
Though the corporate has not been in information over large-scale cyber assaults, a 2015 report revealed by Hackread.com revealed that over 200,000 Comcast consumer credentials had been leaked on the darkish internet.
On the time, Comcast acknowledged the information doubtless got here from credential aggregation slightly than a direct breach of its techniques. The case underscored how beforehand uncovered data can resurface years later, complicating efforts to separate legacy leaks from contemporary intrusions.
Medusa ransomware is understood for publishing file listings and partial screenshots as proof of compromise whereas holding again the majority of the information to extend ransom strain. On this case, the character of the information factors towards actuarial and monetary datasets, a few of which seem to contain insurance coverage calculations, buyer information processing, and declare administration techniques.
Medusa Goals At Prime American Companies
Previous Medusa incidents have proven that the group tends to launch parts of knowledge if calls for usually are not met, growing the strain on victims to barter. The cyber legal group has additionally been behind a number of high-profile assaults this yr.
On April 8, 2025, the group introduced it had focused NASCAR with a $4 million ransom demand. That incident was later confirmed as a knowledge breach in July 2025, displaying the group had adopted via on earlier threats when negotiations failed.
On the time of writing, Comcast has not publicly confirmed or denied the breach. The corporate might face regulatory scrutiny if delicate buyer or monetary information is concerned, significantly given the sheer dimension of the alleged leak.
Hackread.com has reached out to Comcast for remark and can proceed monitoring the scenario for updates on the corporate’s response and any additional releases from Medusa.
