Medusa Ransomware Hits Camp Susque: 49GB Data Breach Threat

Incident Date: Aug 01, 2024

Attack Overview

VICTIM

Camp Susque

INDUSTRY

Education

LOCATION

USA

ATTACKER

Medusa

FIRST REPORTED

August 1, 2024

Request Removal

Medusa Ransomware Group Targets Camp Susque

Camp Susque, a non-denominational Christian camp located in Pennsylvania, has recently fallen victim to a ransomware attack orchestrated by the Medusa ransomware group. The attackers claim to have accessed 48.9 GB of the camp's organizational data and have threatened to publish it within 10 to 11 days. This incident has raised significant concerns about the camp's data security and operational integrity.

About Camp Susque

Established in 1946, Camp Susque is a non-profit organization that offers a variety of programs designed to foster personal growth, community building, and spiritual development among youth and families. The camp provides summer youth camps, wilderness trips, family camps, educational programs, and special events. Accredited by the American Camp Association (ACA), Camp Susque prioritizes the safety and well-being of its participants through rigorous standards and well-trained counselors.

Attack Overview

The Medusa ransomware group has claimed responsibility for the attack on Camp Susque, asserting that they have exfiltrated nearly 49 GB of sensitive data. To substantiate their claims, the group has posted sample screenshots on their dark web portal. The camp now faces the daunting task of addressing this significant data breach and mitigating potential fallout.

Medusa Ransomware Group

Medusa is a ransomware group that emerged in late 2022 and operates as a Ransomware-as-a-Service (RaaS) platform. The group has been involved in various high-profile attacks across multiple sectors, including education, healthcare, and government services. Medusa's ransomware is designed to kill numerous applications and services to prevent detection and mitigation, and it disables shadow copies to thwart recovery efforts.

Potential Vulnerabilities

Camp Susque's relatively small size and non-profit status may have made it an attractive target for the Medusa ransomware group. Non-profit organizations often have limited resources for cybersecurity measures, making them more vulnerable to sophisticated attacks. The camp's reliance on donations, grants, and program fees further complicates its ability to invest in cybersecurity infrastructure.

Penetration Methods

While the exact method of penetration in this case is not publicly known, Medusa typically employs phishing attacks, exploiting unpatched vulnerabilities, and leveraging weak or compromised credentials to gain access to target systems. Once inside, the ransomware encrypts critical data and demands substantial ransoms for decryption keys.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.