In a recent development that has sent shockwaves through the U.S. healthcare industry, a ransomware group named 'RansomHub' has claimed responsibility for significant cyber attacks on major healthcare service providers, including Change Healthcare and the United Health Group.
This announcement follows a disturbing revelation that ALPHV, another notorious ransomware group, allegedly pocketed a $22 million ransom payment that was made to convince the attackers to delete the sensitive data they had stolen from these healthcare organizations. According to the disclosure RansomHub made on its dark web extortion portal, the group currently possesses over four terabytes of highly sensitive data despite the ransom payment to ALPHV.
This extensive dataset reportedly encompasses a wide range of personal and medical information from clients of Change Healthcare, a key player in the healthcare technology sector that processes transactions for numerous health partners. Among the affected entities are notable names such as Medicare, Tricare, CVS-CareMark, and several insurance companies.
The compromised data includes:
- Personally identifiable information (PII) of millions of active U.S. military personnel
- Medical and dental records
- Payment and claims information
- Over 3000 source code files for Change Healthcare solutions
- Other sensitive data
RansomHub issued a stark warning to Change Healthcare and United Health, stating that this might be their last opportunity to protect their clients' data from being sold to the highest bidder. As of now, there is no evidence to suggest that the stolen data has been leaked or shared publicly, but the threat looms large.
The backdrop to this latest cybersecurity crisis involves an earlier attack where ALPHV, also known as BlackCat, reportedly deactivated servers while scamming its affiliates, allowing the leading operators of the syndicate to steal the entire 22 million USD ransom. This incident underscores the complex and often murky world of cybercriminal activities where betrayals and double-crosses seem to be part of the operational risks.
The U.S. government has taken an active interest in these developments, launching investigations to ascertain the veracity of BlackCat's previous claims and the extent of the data breach.
For healthcare organizations and their partners, this event is a stark reminder of the need for robust cybersecurity measures and the importance of vigilance against such threats.
As the situation unfolds, affected organizations must communicate transparently with their clients and stakeholders, ensuring that measures are taken to protect sensitive data and prevent future breaches. The healthcare sector must collectively strengthen its defenses against an ever-evolving threat landscape where the safety and privacy of patients' information are perpetually at risk.