Ransomware victim disclosure
← All victimsMedion AG
listed as medion.com · Claimed by Black Basta · listed 2 years ago
Status timeline
- ListedDec 18, 2024
- Data leakeddate unknown
At a glance
- Group
- Black Basta
- Status
- Data leaked
- Country
- Germany
- Sector
- Technology
- Listed on leak site
- Dec 18, 2024
- Data size
- 1.5 TB
About the victim
AI dossier — public-source company profileMedion AG is a German consumer electronics company founded in 1983, headquartered in Essen, Germany. Since its 2011 acquisition by Lenovo, it operates as a subsidiary of the Chinese multinational conglomerate, selling PCs, laptops, and consumer electronics.
- Industry
- Consumer Electronics & Computing Hardware
- Address
- Am Zehnthof 77, 45307 Essen, Germany
- Founded
- 1983
Attack summary
Severity: critical — Confirmed exfiltration of 1.5 TB of sensitive data including financial records, employee personal information, and engineering data from a major multinational subsidiary. Large-scale exposure of regulated and business-critical information.Black Basta claims to have exfiltrated approximately 1.5 TB of data from Medion AG, including corporate records, financial and accounting data, employee personal information and documents, and engineering projects.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate data
- Financial records
- Accounting documents
- Employee personal data
- Employee documents
- Projects
- Engineering data
What the group claims
Medion AG is a German consumer electronics company founded in 1983 by Gerd Brachmann and Helmut Linnemann. The company is headquartered in Essen, Germany, and operates as a subsidiary of the Chinese multinational Lenovo Group since its acquisition in 2011.SITE: www.medion.com Address : Am Zehnthof 77 45307 Essen GermanyTEL#: +49 201 83 83 0ALL DATA SIZE: ≈1.5tb+ 1. Corp data, Financial data, Accounting… 2. Personal employees data and documents 3. Projects 4. Engeneering & etc…
Sources
- Victim sitemedion.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

