Ransomware victim disclosure
← All victimsTrindel Insurance Fund
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedMay 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- May 14, 2025
- Records
- 29 employees
About the victim
AI dossier — public-source company profileTrindel Insurance Fund is a member-driven risk management and insurance pool serving rural counties in Northern California. Operating as a joint powers authority (JPA), it provides property, liability, workers' compensation, and risk control services to member counties, pooling resources for catastrophic incidents while maintaining fiscal responsibility at the individual member level.
- Industry
- Insurance & Risk Management
- Address
- 51 Arbuckle Court, Weaverville, CA 96093, United States
- Employees
- 29
Attack summary
Severity: high — Confirmed data exfiltration (disclosed status: data_published) from a financial services organization managing public sector insurance and risk data for multiple county entities. Breach affects government operations and likely contains sensitive administrative/claims data across multiple member jurisdictions.Medusa claims to have attacked Trindel Insurance Fund. The group has published data from the breach; no specific details on encryption, exfiltration scope, or data types are provided in the leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Member county records
- Risk management data
- Claims information
- Employee records
- Organizational/administrative files
What the group claims
Trindel Insurance Fund provides specialized risk management and insurance services for rural counties in Northern California. Trindel Insurance Fund corporate office is located in 51 Arbuckle Ct, Weaverville, California, 96093, United States and has 29 employees.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

