The Medusa ransomware group has leaked 186.36 GB of compressed data it claimed to have stolen from Comcast Corporation, a global media and technology company. According to Hackread.com’s earlier report, the group stated that it breached Comcast in late September 2025 and obtained a total of 834 GB of data.
The leaked 186 GB archive, once decompressed, should amount to around 834 GB of data, based on the group’s claims.
The data trove was released on Sunday, October 19. The ransomware group had initially demanded $1.2 million from potential buyers to download it, the same amount it asked Comcast to pay for the data to be deleted instead of leaked or sold.
The sample data analysed by Hackread.com during its coverage of the group’s initial claims included numerous records, such as files named Esur_rerating_verification.xlsx, Claim Data Specifications.xlsm, and various Python and SQL scripts related to auto premium impact analysis.
Hackread.com reached out to Comcast regarding the incident but did not receive a response, acknowledgement, or denial from the company. The leaked data is now available for download in 47 split files titled Comcast_FS, with 45 files sized at 4 GB each and one file measuring 2 GB.
The Medusa ransomware group is known for targeting major organisations. On April 8, 2025, it announced an attack on NASCAR with a $4 million ransom demand. The incident was later confirmed as a data breach in July 2025, showing that the group carried out its threats when negotiations failed.
Earlier this month, Microsoft issued a security advisory warning organisations that the Medusa ransomware group was actively exploiting the GoAnywhere MFT vulnerability (CVE-2025-10035, CVSS 10.0) for unauthenticated remote code execution.
Comcast now joins the growing list of companies targeted by ransomware groups. In 2023, its Xfinity brand suffered a major breach caused by a critical vulnerability in Citrix software, which affected more than 35.9 million user accounts.
