Change Healthcare, a key division of UnitedHealth Group, confirmed last Thursday that it fell victim to a cyberattack now believed to have been orchestrated by the ransomware group Blackcat. The attack has led to widespread disruptions within pharmacies and health systems across the United States.
In a statement to CNBC, Change Healthcare disclosed that it is actively working with law enforcement and cybersecurity experts from Mandiant and Palo Alto Networks to mitigate the impact of the attack. The company is striving to understand the full extent of the breach, with the hacking group Blackcat claiming the theft of six terabytes of data, including medical records, insurance information, and payment details.
The cyberattack was mentioned in a dark web post by Blackcat, also known as Noberus or ALPHV, where the group claimed responsibility and boasted about the data exfiltration. However, this post was subsequently deleted.
Blackcat, recognized by the U.S. Department of Justice as a prolific ransomware operator, is known for its strategy of stealing sensitive data from organizations and demanding ransom payments to prevent the publication of the stolen information. The group’s activities have inflicted hundreds of millions of dollars in losses worldwide, affecting a broad range of institutions.
Cybersecurity experts caution against taking Blackcat’s claims at face value, as ransomware groups are known to exaggerate the scope of their data theft to pressure victims into negotiating ransom payments. Nonetheless, the breach at Change Healthcare serves as a stark reminder of the cybersecurity challenges facing the healthcare sector and the importance of robust defenses to protect sensitive patient information.
Expanded Coverage: