Last week’s cyberattack against US health tech giant Change Healthcare may yet turn out to be ransomware.
The company recently posted a brief announcement on its status update website, stating that some applications were unavailable due to a “cybersecurity issue.”
The incident took parts of the company’s infrastructure offline and made some login pages unavailable, leaving some users unable to access their recipes.
Big campaign
TechCrunch has now revealed that the attack was indeed ransomware, carried out by none other than ALPHV (BlackCat), according to a “health executive with knowledge of the incident, who was on the phone and was briefed by company executives.”
Reuters also linked BlackCat to the incident. The ransomware group has not yet added Change Healthcare to its data breach site, which could mean one of two things: either it was not behind the attack, or it is still negotiating the possible ransom payout with the victim. Typically, hackers steal sensitive data during ransomware attacks and threaten to release it online unless a payment is made.
Since Change Healthcare is a major US processor of prescription drugs, there is a good chance that millions of customers’ data has been stolen. However, there is no confirmation that any data has been stolen and Change Healthcare is yet to comment on the news.
The disruption has more consequences than just change. Citing local newspapers in Michigan, TechCrunch reported that local pharmacies were experiencing outages.
Scheurer Health announced on Facebook that it was unable to process prescriptions through patient insurance due to the “nationwide outage at the largest prescription processor in North America.”
Change Healthcare claims to handle 15 billion healthcare transactions annually, which would firmly place it as one of the largest healthcare technology companies in the country.
Alongside LockBit and Cl0p, BlackCat is one of the largest and most dangerous ransomware operators out there.