Ransomware victim disclosure
← All victimsExpert E-commerce GmbH
Claimed by Medusa · listed 11 months ago
Status timeline
- ListedAug 20, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- Germany
- Sector
- Technology
- Listed on leak site
- Aug 20, 2025
- Data size
- 114 GB
About the victim
AI dossier — public-source company profileExpert E-commerce GmbH operates expert.de, a major German consumer electronics retailer offering a wide range of products including TVs, audio equipment, computers, smartphones, smart home devices, and household appliances via both physical stores and an online shop. The company is part of the Expert retail group, one of Germany's largest electronics retail chains. It serves consumers across Germany through a network of local stores and a comprehensive e-commerce platform.
- Industry
- Consumer Electronics Retail & E-commerce
- Employees
- 1001-5000
Attack summary
Severity: high — 114 GB of confirmed exfiltrated data from a large German e-commerce and retail operator, with data already published. Likely includes customer PII and business-sensitive records at scale, though specific data categories are not enumerated in the (blocked) leak post.The Medusa ransomware group claims to have exfiltrated approximately 114 GB of data from Expert E-commerce GmbH and has published the data. No ransom amount was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Business data (114 GB exfiltrated)
- Potentially customer records
- Potentially employee records
- Potentially financial/transactional data
- Internal company documents
What the group claims
Expert E-commerce GmbH is a company specializes in E-commerce Services. It offers services that provide the participating specialist stores of the expert group (Expert SE) via online support. The company was formed in 1999 and is based in Langenhagen, Germany. The total amount of data leakage is 114 GB
The leak post
captured from the group's siteHuman Verify Human verification required We need to ensure you're a real person. Please solve the captcha below to continue. Verify
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

