John R Wood properties medusa hack

Ransomware group Medusa today claimed it hacked Florida real estate company John R. Wood Properties and stole 1.07 TB of data. On its leak site, Medusa demanded $2 million to delete the data and not sell or release it.

John R Wood has not confirmed the attack, including what data and systems were affected and whether a ransom was demanded. Comparitech contacted John R Wood Properties for comment and will update this article if it responds.

Who is Medusa?

Medusa entered the ransomware scene in September 2019 and debuted its leak site in February 2023, where it publishes stolen data of victims who don’t pay ransoms. Medusa often uses a double-extortion approach in which victims are forced to pay twice: once to decrypt their systems, and once for not selling or publishing stolen data.

Medusa has been confirmed as the gang behind nine attacks in the US so far this year. These include attacks on Water for People, Signature Performance, Inc. Henry County, Tarrant Appraisal District, and the East Baton Rouge Sheriff’s Office. The Signature Performance’s hack saw 7,122 people affected, and Medusa demanded $2.5 million (no confirmation on payment).

Medusa is responsible for 51 confirmed attacks since 2018, according to our data.

About John R Wood

Founded in 1958, John R Wood is a real estate company that buys and sells homes in Southwest Florida. According to its website, it sold 3,440 properties in the last year. It’s a partner of Christie’s International Real Estate.