Ransomware victim disclosure
← All victimsDesign To Print
Claimed by Medusa · listed 9 months ago
Status timeline
- ListedOct 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Oct 14, 2025
- Data size
- 3.3 TB
- Records
- 73 Employees
About the victim
AI dossier — public-source company profileDesign To Print is a US-based company operating in the print and design services sector. Based on the company name, it likely provides graphic design, printing, and related business services to commercial or consumer clients. No public site content was available to further characterize scale or location.
- Industry
- Print & Design Services
Attack summary
Severity: high — 3.3 TB of data has been published by Medusa, indicating confirmed large-scale exfiltration of business data. While the specific content is unverified, the volume and published status represent significant exposure; no evidence of regulated/sensitive PII at scale elevates this to critical.The Medusa ransomware group claims to have exfiltrated approximately 3.3 TB of data from Design To Print, with the disclosure status recorded as data_published, indicating the stolen data has been released or made available on their leak site.
Data the group says was taken
AI dossier — extracted from the leak post- Exfiltrated company files (3.3 TB)
- Potentially proprietary design assets
- Potentially client records
- Potentially business documents
What the group claims
Printdaddy design printing is known for its excellence and expertise in indoor, outdoor advertising, custom vinyl banners that are personalized according to your business requirement. Advertise you business well and our designs will bring the best out of your services company is headquartered in 175 N 400 E, St. George, UT 84770, USA. 73 Employees. The total amount of data leakage is 3.3 TB.
The leak post
captured from the group's siteHuman Verify Human verification required We need to ensure you're a real person. Please solve the captcha below to continue. Verify
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

