US healthcare giant Henry Schein hit by second major cyberattack
Healthcare giant Henry Schein is having a nightmare month, having just reported yet another ransomware attack by ransomware group BlackCat.
Earlier this week, the company issued a press release notifying the media of a ransomware attack that occurred on November 22. As a result, the company’s e-commerce platform, as well as a number of apps, were taken offline.
“Certain Henry Schein applications, including the e-commerce platform, are currently unavailable. The company continues to accept orders through alternative means and continues to ship to its customers,” the announcement said.
Shortly after the release of the press release, the company managed to restore the e-commerce platform for US customers and is currently working on bringing it back online for Canadians and Europeans. However, the company still receives orders through alternative channels, BleepingComputer reports.
“Henry Schein has identified the cause of the incident. The threat actor of the previously disclosed cyber incident has claimed responsibility.”
Sensitive data leaks
The threat actor of the previously disclosed cyber incident is ALPHV (AKA Black Cat), which Henry Schein added to the list of breached companies on October 15. This time the attack is the result of the failure of negotiations on the previous one.
The hackers claim to have stolen 35 TB of data from corporate endpoints and will release portions of it daily.
“Despite ongoing conversations with Henry’s team, we have not received any indication of their willingness to prioritize the security of their customers, partners and employees, let alone protect their own network,” the threat actors said.
“Starting at midnight today, some of their internal payroll data and shareholder directories will be published on our collection blog. We will release more data daily.”
Henry Schein is a provider of healthcare products and services with a presence in 32 countries and annual revenues of $12 billion, media reported. Media inquiries are currently not being responded to.