Ransomware gang claims they stole 6TB of Change Healthcare data

The BlackCat/ALPHV ransomware gang has formally claimed duty for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform.

Change Healthcare is the biggest cost change platform utilized by greater than 70,000 pharmacies throughout the United States. UHG is the world’s largest healthcare firm by income, using 440,000 folks worldwide and dealing with over 1.6 million physicians and care professionals in 8,000 hospitals and different care services.

In an announcement printed on their darkish net leak web site right this moment, BlackCat mentioned that they allegedly stole 6TB of data from Change Healthcare’s community belonging to “hundreds of healthcare suppliers, insurance coverage suppliers, pharmacies, and so forth.”

“Being inside a manufacturing community one can think about the quantity of crucial and delicate data that may be discovered. The data pertains to all Change Health purchasers which have delicate data being processed by the corporate,” BlackCat mentioned.

The ransomware gang claims that they stole supply code for Change Healthcare options and delicate info belonging to many companions, together with the U.S. navy’s Tricare healthcare program, the Medicare federal medical insurance program, CVS Caremark, MetLife, Health Net, and tens of different healthcare insurance coverage suppliers.

Per BlackCat’s claims, the delicate data stolen from Change Healthcare incorporates a variety of info on thousands and thousands of folks, together with their:

  • medical information
  • insurance coverage information
  • dental information
  • funds info
  • claims info
  • sufferers’ PII data (i.e., telephone numbers, addresses, social safety numbers, e-mail addresses, and extra)
  • energetic U.S. navy/navy personnel PII data

On a devoted standing web page, Optum warned hours earlier than this text was printed that they’re nonetheless engaged on restoring impacted programs to deliver them again on-line, including that Optum, UnitedHealthcare, and UnitedHealth Group programs haven’t been affected.

While UnitedHealth Group VP Tyler Mason didn’t verify that BlackCat was behind the incident, Mason informed BleepingComputer earlier this week that 90% of the affected 70,000+ pharmacies have switched to new digital declare procedures to deal with the Change Healthcare points.

Today, BlackCat additionally denied that associates who breached Change Healthcare’s community used a crucial ScreenConnect auth bypass flaw (CVE-2024-1709), as BleepingComputer was informed earlier this week by sources aware of the investigation.

On Tuesday, the FBI, CISA, and the Department of Health and Human Services (HHS) warned that Blackcat ransomware associates primarily goal organizations within the U.S. healthcare sector.

“Since mid-December 2023, of the practically 70 leaked victims, the healthcare sector has been probably the most generally victimized,” the three federal businesses mentioned.

“This is probably going in response to the ALPHV Blackcat administrator’s publish encouraging its associates to focus on hospitals after operational motion towards the group and its infrastructure in early December 2023.”

The FBI beforehand linked BlackCat to over 60 breaches throughout its first 4 months of exercise (between November 2021 and March 2022) and mentioned the gang raked in a minimum of $300 million in ransoms from over 1,000 victims till September 2023.

The U.S. State Department now provides as much as $15 million for ideas that assist determine or find BlackCat gang leaders and people linked to the group’s ransomware assaults.

Information:
We are right here to supply Educational Knowledge to Each and Every Learner for Free. Here We are to Show the Path in the direction of Their Goal. This publish is rewritten with Inspiration from the Bleepingcomputer. Please click on on the Source Link to learn the Main Post

Bleepingcomputer:
Source link

Contact us for Corrections or Removal Requests
Email: [email protected]
(Responds inside 2 Hours)”

Related Articles

Back to top button
close