Ransomware

ALPHV/BlackCat reportedly behind Change Healthcare hack

Reuters reports that the ALPHV/BlackCat ransomware operation allegedly targeted major U.S. healthcare revenue and payment cycle management provider Change Healthcare in a cyberattack that has resulted in a nearly week-long prescription processing outage in pharmacies across the U.S.

Such claims from two individuals close to the matter were not yet confirmed by Change Healthcare and parent firm UnitedHealth, as well as the ransomware gang. However, the sources noted that the investigation into the incident is being managed by Mandiant, which the cybersecurity firm has affirmed. Emsisoft threat analyst Brett Callow noted that linking the attack to ALPHV/BlackCat challenges UnitedHealth's claims that a state-backed threat operation had done the intrusion. "I am not aware of any links between ALPHV and a nation-state. As far as I am aware they are financially motivated cybercriminals and nothing more," Callow said. Such a development comes two months after ALPHV/BlackCat had its websites and digital keys seized in an international law enforcement takedown but the ransomware group warned of targeting hospitals and critical infrastructure organizations after retrieving the disrupted infrastructure.

Related

LockBit-hit French hospital rejects ransom payment

Major French health provider Hôpital de Cannes - Simone Veil, or CHC-SV, has confirmed dismissing the demands issued by the LockBit ransomware operation following an attack last month, which resulted in the disruption of nearly 30% of non-urgent surgeries and a return to paper and pen recording of patient charts, according to Cybernews.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.