Ransomware victim disclosure
← All victimsArbors of Hop Brook
listed as arborsct.com · Claimed by Medusalocker · listed 3 years ago
Status timeline
- ListedJun 14, 2023
- Data leakeddate unknown
At a glance
- Group
- Medusalocker
- Status
- Data leaked
- Sector
- Business Services
- Listed on leak site
- Jun 14, 2023
About the victim
AI dossier — public-source company profileArbors of Hop Brook is a retirement community and assisted living facility located in Connecticut. The organization provides residential care services for seniors.
- Industry
- Senior Living & Assisted Care
Attack summary
Severity: high — Confirmed exfiltration of sensitive personal and financial data from a healthcare/senior care facility including client agreements, customer data, and financial records. Healthcare data at scale involving vulnerable populations (seniors) meets high severity threshold.MedusaLocker claims to have exfiltrated client case agreements, email correspondence, and financial documents. The group states they will sell contracts, customer data, and financial records for $60,000 if the ransom is not paid.
Data the group says was taken
AI dossier — extracted from the leak post- Client case agreements
- Email correspondence
- Financial documents
- Customer data
- Contracts
What the group claims
DescriptionClient Case – agreement – email(.msg)- and other documents Price: 60000$ One copy will be sold, confidential informationThe company did not take care of the data leak, and therefore we will sell many contracts, customer data, financial component and other documentsin one lot for $ 60,000 for verification in the darknet or bank
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

