Penticton and District Society for Community Living Listed by medusalocker Ransomware Group
Canadian charity providing disability-related services. CRA Registration: 119090686RR0001 | Penticton, British Columbia, Canada
On July 1, 2026, the MedusaLocker ransomware group added the Penticton and District Society for Community Living to its public leak site, confirming that internal files from the British Columbia charity had been exfiltrated.
Confirmed Facts from Reporting
Public reporting indicates the Penticton and District Society for Community Living, a Canadian registered charity (CRA 119090686RR0001) that provides disability-related services in Penticton, British Columbia, was listed on the MedusaLocker leak site. The group claims to have stolen internal files during a ransomware attack. Exact volume of data and the specific types of records remain unclear from available reporting, but ransomware incidents of this nature routinely involve employee, client, donor, and operational documents. No confirmed count of affected individuals has been released.
Why This Matters for You and Your Family
When a local charity or nonprofit that serves your community suffers a breach, the information exposed can easily include details tied to you or someone you care about. Employee records, client intake forms, donor lists, and correspondence often contain names, addresses, dates of birth, Social Insurance Numbers, medical notes, banking information, and email addresses. Once these files leave the organization’s control, they can appear on dark-web marketplaces within days. For ordinary families, this means heightened risk of identity theft, fraudulent loan applications in your name, or targeted scams that reference your connection to the charity.
Even if you were never a direct client, volunteers, board members, and donors are frequently swept into the same datasets. The breach therefore touches a wide circle of everyday people who simply interacted with a trusted local service provider.
The Doxxing and Identity-Chain Implications
Ransomware leaks rarely stop at one organization. Stolen internal files often contain spreadsheets that link personal details to usernames, email addresses, and phone numbers. Attackers and subsequent data brokers can chain these fragments together with information from other breaches, creating detailed profiles that include family relationships, children’s names, and even gaming account handles. Credential leaks like this one cascade into account takeovers on email, social media, and gaming platforms, which in turn expose chat logs, location data, and photos. The result is a doxxing chain that can escalate from identity theft to harassment or financial fraud.
MedusaLocker’s Publicly Known Track Record
Public reporting attributes MedusaLocker with emerging in 2019 and maintaining a consistent double-extortion model: encrypt victim systems, exfiltrate data, then threaten to publish it unless ransom is paid. The group has listed hundreds of organizations across North America and Europe, with notable prior victims including healthcare providers, municipalities, manufacturers, and nonprofits. Their typical playbook begins with phishing or remote desktop protocol compromise for initial access, followed by lateral movement to harvest files before encryption. Extortion deadlines are usually short, often seven to ten days, after which samples or full datasets are posted to their leak site.
What to do
- Run a DoxxScan to map every link between your emails, phone numbers, handles, and real-world identity so you can see exactly what this breach may have exposed about you and your family.
- Rotate any password you used at the Penticton and District Society for Community Living or any related service, then enable two-factor authentication through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4 billion breach records and more than 100 platforms so the next leak that touches your data is flagged within hours instead of months.
- Cover your entire household with DoxxScan family protection, which extends to dependents and children’s gaming accounts that often chain back to the same address or parent email.
- Let remediation specialists handle takedown requests across data brokers and leak sites on your behalf while you focus on securing accounts and monitoring statements.
The incident shows how quickly a single nonprofit breach can feed larger identity chains that affect ordinary families for years. Taking concrete steps now limits the damage and reduces the chance that your information becomes part of the next extortion campaign. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and household coverage that includes children’s gaming accounts. Start your DoxxScan trial today to gain clear visibility and expert assistance before the next wave of abuse begins.
Related breaches
Forces Listed by medusalocker Ransomware Group
Organization with 28 emails extracted. Domain: ***.gc.ca…
Virginia Historical Society Listed by thegentlemen Ransomware Group
***.org zoominfo.com/c/virginia-historical-society/184942664 is the digital platform for the Virgini…
Mount Royal University Listed by cmdorganization Ransomware Group
The university was established in 1910. Mount Royal University is a public university in Calgary, Ca…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →