Medusa crime group claims attack on BioMatrix, demands ransom

The Medusa ransomware group is suspected of compromising the data of BioMatrix, a national specialty pharmacy chain based in Florida, USA. BioMatrix, recognized as one of the Inc. 5000 fastest-growing private companies in America, appears to be the latest target of this cybercriminal group.

No official statement has been provided by BioMatrix and their remains active and does not exhibit any overt indications of the cyberattack.

Details of the BioMatrix data breach have surfaced on the Medusa ransomware group's dark web blog. According to the information posted there, the breach, announced on December 17, 2023, at 15:39:27 UTC, involves sensitive information including CVS Health contracts and purported patient complaints.

At this moment it's unclear whether the breach is real or not and what data is breached.

Medusa ransomware has issued an ultimatum to BioMatrix, setting a deadline of just under 11 days from the notice publication, and is demanding a one million dollars ransom of one million USD to avert public data disclosure.