Ransomware victim disclosure
← All victimsMundelein Park & Recreation District
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedFeb 25, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Sector
- Public Sector
- Listed on leak site
- Feb 25, 2025
- Data size
- 118.20 GB
- Records
- 437 employees
About the victim
AI dossier — public-source company profileMundelein Park & Recreation District is a public sector agency operating 33 park sites across Mundelein, Illinois, encompassing over 735 acres of open space including playgrounds, ball fields, lakes, and trails. Established in 1954, it serves the local community with recreational facilities and programming.
- Industry
- Public Parks & Recreation
- Address
- 1401 N Midlothian Rd, Mundelein, Illinois, 60060, United States
- Employees
- 437
- Founded
- 1954
Attack summary
Severity: high — Public sector organization with 437 employees; confirmed exfiltration and publication of 118.20 GB of data. Likely contains PII and operational records of a government entity serving public infrastructure.Medusa claims to have exfiltrated 118.20 GB of data from the district's systems. The group has published the data, though specific data categories have not been detailed in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Administrative records
- Employee records
- Operational data
What the group claims
Mundelein Park & Recreation District (founded in 1954) provides 33 park sites offering over 735 acres of open space, playgrounds, ball fields, lakes, and trails. Mundelein Park & Recreation District corporate office is located in 1401 N Midlothian Rd, Mundelein, Illinois, 60060, United States and has 437 employees. The total amount of data leakage is 118.20 GB
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

