Medusa Ransomware Strikes Sems and Specials Inc. - Data Leak and Vulnerabilities Exposed

Incident Date:

June 2, 2024

World map



Medusa Ransomware Strikes Sems and Specials Inc. - Data Leak and Vulnerabilities Exposed


Sems and Specials Inc.




Rockford, USA

Illinois, USA

First Reported

June 2, 2024

Medusa Ransomware Attack on Sems and Specials Inc.

Victim Overview

Sems and Specials Inc. is a manufacturer of various screws, types of washers, head styles, drive styles, materials, as well as other various fastening and connecting elements. The company stands out in the industry as a leading domestic manufacturer of fasteners, offering a diverse portfolio of products and custom solutions. With a size range of 51-200 employees, Sems and Specials Inc. has been in operation since 1991, based in Rockford, Illinois, United States.

Attack Overview

The Medusa ransomware group targeted Sems and Specials Inc., leaking 122.13GB of data. The attack was discovered on June 5, 2024. The leaked data includes sensitive information about the company's operations, potentially compromising their internal systems and customer data.

Ransomware Group Profile

Known for its disruptive capabilities, Medusa is a ransomware group that emerged in late 2022 and gained notoriety throughout 2023 and into 2024. Operating as a Ransomware-as-a-Service (RaaS) platform, the group allows affiliates to use its ransomware to launch attacks. Medusa distinguishes itself by targeting various sectors globally with sophisticated attacks, demanding substantial ransoms for decryption keys.

Company Vulnerabilities

There are several reasons why Sems and Specials Inc. may have been targeted by threat actors like the Medusa ransomware group. The sensitive nature of their manufacturing operations, the company's reliance on digital systems to manage production processes, and store valuable data could have made them vulnerable to cyber attacks. Additionally, the size and industry prominence of Sems and Specials Inc. may have made them an attractive target for ransomware groups seeking to extort large sums of money.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.