The Medusa ransomware group has allegedly added two new victims to its dark web blog, claiming to have breached a Brazilian home décor company and a German e-commerce firm. The threat actor has published details about the alleged attacks, setting a deadline for each company to pay a ransom demand of $200,000 to prevent the public release of stolen data. The group has also provided samples of the allegedly exfiltrated files as proof of the breach.
The targeted organizations operate in different sectors and countries, highlighting the widespread nature of the Medusa group’s campaigns. The total amount of data allegedly stolen from Florarte is 184.8 GB, while the breach of Expert E-commerce GmbH supposedly involves 114 GB of data. The countdown timers on the group’s blog indicate that the data from the German firm will be released in approximately six days, while the Brazilian company’s data is set to be leaked in about ten days if the ransoms are not paid.
Here are the victims listed on the Medusa blog:
- 🇧🇷 Florarte: A prominent Brazilian company established in 1992, specializing in the import and distribution of artificial plants, home décor, and decorative products. It has a nationwide presence with a large catalog of over 14,000 items.
- 🇩🇪 Expert E-commerce GmbH: A German e-commerce services company founded in 1999. It provides online support and services for the specialist stores within the Expert SE group.
