Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M

The Medusa ransomware group claims to have stolen 834.4 GB of data from Comcast Corporation, demanding $1.2 million either as ransom for deletion or as payment for interested buyers to download the stolen information. The cybercriminals posted approximately 20 screenshots and a file listing of 167,121 entries as proof, allegedly containing actuarial reports, product management data, insurance modeling scripts, claim analytics, and financial datasets including files like Excel spreadsheets and Python/SQL scripts related to premium analysis. Medusa has targeted several high-profile American companies in 2025, including a confirmed NASCAR breach announced in April with a $4 million ransom demand that resulted in a July data breach confirmation. Security expert Darren Guccione from Keeper Security emphasized the importance of proactive cybersecurity defenses, recommending organizations strengthen access controls, enforce phishing-resistant multi-factor authentication, require strong passwords in encrypted managers, and adopt zero-trust security models with privileged access management. Comcast has not publicly confirmed or denied the breach, while the company could face regulatory scrutiny if sensitive customer or financial data is involved given the alleged leak’s substantial size.​​​​​​​​​​​​​​​​