Ransomware victim disclosure
← All victimsLeprohon (Image !)
Claimed by Medusa · listed 9 months ago
Status timeline
- ListedOct 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Oct 14, 2025
- Records
- 351 Employees
About the victim
AI dossier — public-source company profileLeprohon (Image !) appears to be a company or entity associated with the name 'Leprohon', potentially a photography, imaging, or media-related business based on the parenthetical '(Image !)' in the victim name. No public site content or additional details were available to confirm its nature, location, or scale.
Attack summary
Severity: medium — Data has been marked as published by the operator, suggesting exfiltration occurred, but no details on data type, volume, or sensitivity are available to elevate to high or critical.The Medusa ransomware group claims an attack against Leprohon (Image !) with data published status, indicating exfiltration and/or publication of stolen data. No further details on the nature of the data or encryption were available from the truncated leak post.
What the group claims
Leprohon Inc is a company that operates in the Commercial & Residential Construction industry. It employs 250to499 people and has 25Mto50M of revenue. The company is headquartered in Sherbrooke, Quebec, Canada. company is headquartered in 6171 Boulevard Bourque, Sherbrooke, Québec, J1N 1H2, Canada. 351 Employees
The leak post
captured from the group's siteHuman Verify Human verification required We need to ensure you're a real person. Please solve the captcha below to continue. Verify
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

