Ransomware victim disclosure
← All victimsAppalachian Regional Commission
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedApr 27, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Sector
- Public Sector
- Listed on leak site
- Apr 27, 2025
- Records
- 110 employees
About the victim
AI dossier — public-source company profileThe Appalachian Regional Commission is a federal economic development agency established through partnership between the U.S. federal government and 13 state governments. It focuses on regional economic development across 423 counties in the Appalachian Region and operates from its Washington, D.C. headquarters with 110 employees.
- Industry
- Public Sector - Economic Development
- Address
- 1666 Connecticut Ave NW Ste 700, Washington, District of Columbia, 20009, United States
- Employees
- 110
Attack summary
Severity: high — Confirmed exfiltration of data from a U.S. federal government agency with multi-state governance; sensitive government operations and potentially state-level economic/administrative data at risk.Medusa claims to have compromised the Appalachian Regional Commission and published exfiltrated data. No specific details on data types or operational impact are provided in the post.
Data the group says was taken
AI dossier — extracted from the leak post- government records
- administrative data
What the group claims
Appalachian Regional Commission is an economic development agency of the federal government and 13 state governments focusing on 423 counties across the Appalachian Region. Appalachian Regional Commission corporate office is located in 1666 Connecticut Ave NW Ste 700, Washington, District of Columbia, 20009, United States and has 110 employees.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

