Ransomware group medusalocker hits Colegio María Inmaculada (CMI)
Colegio María Inmaculada (CMI) — a education target operating in CR has been listed by the medusalocker ransomware group on 2026-05-05. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Colegio María Inmaculada (CMI) |
|---|---|
| Threat Group | medusalocker |
| Summary | Catholic school in Moravia, Costa Rica. Domain cmi.local / mariainmaculada.ed.cr. Servers: CMI-DC01, CMI-APP, CMI-HTTP2, main-server1/2. |
| Date of Breach | 2026-05-05 |
| Discovery Date | 2026-05-05 |
| Region | CR |
| Target Domain | mariainmaculada.ed.cr |
| Business Sector | Education |
| Severity | HIGH |
Claim by medusalocker
Catholic school in Moravia, Costa Rica. Domain cmi.local / mariainmaculada.ed.cr. Servers: CMI-DC01, CMI-APP, CMI-HTTP2, main-server1/2.
Posted by the medusalocker threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
mariainmaculada.ed.cr
Leak post (onion / Tor)
http://t33zoj4qwv455fog7qnb2azi5xcdxkixughmmduzbw2rtdgryqfbh6id.onion/company/baratai/
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.