Ransomware group medusa hits Grandview Family Medicine
Grandview Family Medicine — a healthcare target operating in US has been listed by the medusa ransomware group on 2026-02-08. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Grandview Family Medicine |
|---|---|
| Threat Group | medusa |
| Summary | Grandview Family Medicine is a healthcare provider offering a range of services including family medicine, obstetrics, women's health, men's health, and pediatrics. They operate clinics in Provo and Cedar Hills and provide both in-person and telehealth appointments for their patients. The clinic emphasizes comprehensive care, addressing chronic disease management, mental health, urgent visits, and minor procedures. Their intended clients include families and individuals seeking quality healthcare across various age groups. The company headquarters is located in 1900 North State Street Provo, Utah 84604 United States. 11-50 Employees |
| Date of Breach | 2026-02-08 |
| Discovery Date | 2026-02-14 |
| Region | US |
| Target Domain | grandviewfamilymedicine.com |
| Business Sector | Healthcare |
| Severity | HIGH |
| Ransom Demand | 100000 |
Claim by medusa
Grandview Family Medicine is a healthcare provider offering a range of services including family medicine, obstetrics, women's health, men's health, and pediatrics. They operate clinics in Provo and Cedar Hills and provide both in-person and telehealth appointments for their patients. The clinic emphasizes comprehensive care, addressing chronic disease management, mental health, urgent visits, and minor procedures. Their intended clients include families and individuals seeking quality healthcare across various age groups. The company headquarters is located in 1900 North State Street Provo, Utah 84604 United States. 11-50 Employees
Posted by the medusa threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
grandviewfamilymedicine.com
Leak post (onion / Tor)
http://xfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onion/detail?id=31770055ce6e55305f0b58bcb226164b
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.