Ransomware victim disclosure
← All victimsDSI Tech
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedMay 18, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- May 18, 2025
- Data size
- 399.10 GB
- Records
- 223 employees
About the victim
AI dossier — public-source company profileDSI Tech is a certified minority-owned small business founded in 1991 and headquartered in Ashburn, Virginia. The company operates as a national IT value-add reseller and service provider, offering complete IT solutions and managed services across collaboration, data center, security, networks, and wireless infrastructure, with a focus on federal, state, local, and education sector clients.
- Industry
- IT Value-Add Reseller & Managed Services Provider
- Address
- 44670 Cape Ct Ste 100, Ashburn, Virginia 20147, United States
- Employees
- 223
- Founded
- 1991
Attack summary
Severity: high — Confirmed exfiltration of 399.10 GB of data from a IT services provider serving federal, state, and education sectors suggests access to sensitive infrastructure details, client configurations, and potentially regulated customer information. The scale and nature of a VAR/MSP breach creates significant operational and compliance risk.Medusa claims to have exfiltrated 399.10 GB of data from DSI Tech. The group has published the data, indicating successful data theft from the organization.
Data the group says was taken
AI dossier — extracted from the leak post- Internal business records
- Client project data
- Configuration files
- Potentially customer information
What the group claims
DSI Tech (founded in 1991) is a certified minority-owned small business that has grown into a it value-add reseller and service provider of industry vendor products and solutions. DSI Tech corporate office is located in 44670 Cape Ct Ste 100, Ashburn, Virginia, 20147, United States and has 223 employees. The total amount of data leakage is 399.10 GB
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

