Ransomware victim disclosure
← All victimsCache Valley ENT
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedFeb 12, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Feb 12, 2025
- Data size
- 210.10 GB
- Records
- 18 employees
About the victim
AI dossier — public-source company profileCache Valley ENT is a local ear, nose, and throat specialty clinic located in North Logan, Utah, serving the Cache Valley region. The practice operates with 18 employees from its office in Logan, Utah.
- Industry
- Healthcare - Otolaryngology (ENT)
- Address
- 2380 N 400 E Ste D, Logan, Utah, 84341, United States
- Employees
- 18
Attack summary
Severity: critical — Healthcare provider with confirmed exfiltration of 210.10 GB of data and published disclosure. Medical records constitute regulated protected health information (PHI) under HIPAA; breach at scale involving patient data is inherently critical.Medusa group claims to have exfiltrated 210.10 GB of data from Cache Valley ENT. The group has published the data, indicating both encryption and data theft occurred.
Data the group says was taken
AI dossier — extracted from the leak post- Patient medical records
- Personal health information
- Administrative records
- Financial records
What the group claims
Cache Valley ENT is a local ear, nose, and throat (ENT) clinic located in North Logan, UT. Cache Valley ENT corporate office is located in 2380 N 400 E Ste D, Logan, Utah, 84341, United States and has 18 employees. The total amount of data leakage is 210.10 GB
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

