Ransomware victim disclosure
← All victimsDeVita & Associates, Inc.
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedMay 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- May 14, 2025
- Data size
- 618.40 GB
- Records
- 114 employees
About the victim
AI dossier — public-source company profileDeVita & Associates is an engineering firm founded in 1984, headquartered in Greenville, South Carolina with additional offices in Richmond, Atlanta, and Charlotte. The firm provides comprehensive mechanical, electrical, structural, and precast engineering services, including BIM technology and sustainable design, serving clients across multiple industries including hospitality, retail, and government facilities.
- Industry
- Engineering Services - Mechanical, Electrical, Structural & Precast Design
- Address
- 1150 E Washington St, Greenville, South Carolina 29601, United States
- Employees
- 114
- Founded
- 1984
Attack summary
Severity: high — Confirmed exfiltration of 618.40 GB of data from an engineering firm that handles sensitive client projects, including government facilities and critical infrastructure work. Data published with no ransom demand suggests intent to damage reputation and competitiveness.Medusa claims to have exfiltrated 618.40 GB of data from DeVita & Associates. The group has published the data; no ransom demand is stated.
Data the group says was taken
AI dossier — extracted from the leak post- Engineering designs and technical documents
- Client project files
- Business and operational records
- Corporate data
What the group claims
DeVita & Associates, Inc. ( founded in 1984) provides a full range of mechanical, electrical, and structural engineering services, including specialized structural precast design and detailing. DeVita & Associates corporate office is located in 1150 E Washington St, Greenville, South Carolina, 29601, United States and has 114 employees. The total amount of data leakage is 618.40 GB
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

