Medusa threat actors targeted Nottingham Construction, a UK-based general contractor established in 1989 and serving national retail clients, resulting in the leakage of 252.50 GB of sensitive data. The incident underscores the ongoing threat of sophisticated ransomware attacks to companies with substantial operational and client data.
Incident Details
- Victim: Nottingham Construction
- Country: GB
- Actor: medusa
- Source: http://xfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onion/detail?id=1a126a5ec82fe49ead945a4bd16d865b
- Discovered: 2025-05-14 05:30:27.702036
- Published: 2025-05-13 15:37:50.000000
Information
- Nottingham Construction was established in 1989 and incorporated in 1998.
- It specializes in commercial carpentry and operates as a General Contractor.
- The company serves National Retail Companies across locations from New York to Virginia.
- Its corporate office is located at 375 Ivyland Road, Unit 10, Warminster, PA 18974, USA.
- Nottingham Construction has a total of 21 employees.
- The ransomware incident involved data leakage totaling 252.50 GB.
- The threat actor responsible for the ransomware attack is Medusa.
Disclaimer: This post is based on public claims made by the ransomware group "medusa". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.