Therecord.Media
North Korean Lazarus Group Targets US Healthcare with Medusa Ransomware
First seen 24 Feb 2026, 12:10 UTC
•



+15
•87% similarity
•48.7
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Cybersecurity researchers have identified attacks utilizing Medusa ransomware, attributed to the Lazarus group, a North Korean state-backed hacking operation. These attacks are primarily targeting U.S. healthcare organizations, with the ransomware-as-a-service operation impacting over 300 organizations since its emergence in January 2021, and claiming at least 80 additional victims by February 2025.
ThreatCluster AI
Timeline
2021-01-01
Medusa ransomware-as-a-service operation emerged
2025-02-01
Medusa ransomware impacted over 300 organizations
2025-02-01
Lazarus group claimed at least 80 additional victims
2026-02-24
Current attacks on US healthcare organizations reported