The Medusa ransomware group has leaked 186.36 GB of compressed information it claimed to have stolen from Comcast Company, a worldwide media and expertise firm. In accordance with Hackread.com’s earlier report, the group acknowledged that it breached Comcast in late September 2025 and obtained a complete of 834 GB of knowledge.
The leaked 186 GB archive, as soon as decompressed, ought to quantity to round 834 GB of knowledge, based mostly on the group’s claims.
The information trove was launched on Sunday, October 19. The ransomware group had initially requested for $1.2 million from potential consumers to obtain it, the identical quantity it requested Comcast to pay for the info to be deleted as a substitute of leaked or bought.
The pattern information analysed by Hackread.com throughout its protection of the group’s preliminary claims included quite a few data, resembling information named Esur_rerating_verification.xlsx, Declare Knowledge Specs.xlsm, and numerous Python and SQL scripts associated to auto premium impression evaluation.
Hackread.com reached out to Comcast relating to the incident however didn’t obtain a response, acknowledgement, or denial from the corporate. The leaked information is now out there for obtain in 47 break up information titled Comcast_FS, with 45 information sized at 4 GB every and one file measuring 2 GB.
The Medusa ransomware group is understood for focusing on main organisations. On April 8, 2025, it introduced an assault on NASCAR with a $4 million ransom demand. The incident was later confirmed as an information breach in July 2025, exhibiting that the group carried out its threats when negotiations failed.
Earlier this month, Microsoft issued a safety advisory warning organisations that the Medusa ransomware group was actively exploiting the GoAnywhere MFT vulnerability (CVE-2025-10035, CVSS 10.0) for unauthenticated distant code execution.
Comcast now joins the rising listing of corporations focused by ransomware teams. In 2023, its Xfinity model suffered a significant breach attributable to a vital vulnerability in Citrix software program, which affected greater than 35.9 million person accounts.
