Oscars Group Hit by Medusa Ransomware, Hackers Threaten Data Release

The Medusa ransomware group has reportedly infiltrated Oscars Group’s internal systems and is threatening to publish the stolen data unless its ransom demands are fulfilled.

 

Oscars Group is a large, family-owned Australian hospitality company that began in 1986 with a single Sydney pub and has since expanded across NSW, Queensland, and Victoria. Its portfolio now includes hotels, pubs, bars, restaurants, accommodation, gaming venues, event centers, and property developments, as well as major assets like Luna Park Sydney.

 

On November 5, Medusa ransomware group announced that it had infiltrated the internal network of the Australian hospitality company, listing Oscars Group as a victim of its cyber attack on the group’s data leak site. The group claimed to be in possession of confidential data stolen from the company’s internal network and threatened to leak it if its ransom demands are not met.

 

 

Medusa has not specified the total amount of data it had exfiltrated, but it has shared several files to substantiate its claims. Among them are invoice records, staff timesheets, event details with associated contacts, and daily revenue reports from multiple venues. 

 

The documents range from older material to files dated as recently as November 2025. The samples also appear to include scanned driver’s licences and documents listing employees’ home addresses and tax file numbers.

 

According to the directory structure published by Medusa, more than 130,000 files may have been compromised, including passport scans. A large portion of the exposed data is linked to the Lakes Resort Hotel in South Australia, which Oscars Group acquired earlier this year. 

 

Medusa has demanded US$100,000 either to delete the data or to sell it back, and is additionally offering to postpone public release for US$10,000 per day. 

 

As of publication, Oscars Group has not made any public comment on the claims made by the Medusa ransomware group.