Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label United Health. Show all posts
United Health
ALPHV/BlackCat Change Healthcare cyber attack Ransomware United Health

Ransomware Attack Targets Healthcare Giant, Change Healthcare

 


A recent cyberattack on Change Healthcare, a subsidiary of United Health, has led to a distressing data extortion situation, further complicating an already tumultuous ordeal. Let's delve into the details to understand the gravity of the situation and its potential repercussions.


Background

In February, Change Healthcare fell victim to a cyberattack, causing significant disruptions in the US healthcare system. The attack, attributed to the BlackCat/ALPHV ransomware operation, resulted in the theft of approximately 6 TB of data.


Double Extortion Tactics

Following intense pressure from law enforcement, the BlackCat gang abruptly shut down their operation amidst allegations of an exit scam. Subsequently, an affiliate named "Notchy" joined forces with the RansomHub gang to engage in a double extortion scheme against Change Healthcare. Despite rumours of a ransom payment, the threat actors are now threatening to release the stolen data unless their extortion demands are met.


Data Leak and Implications

Screenshots of purportedly stolen data, including corporate agreements and sensitive patient information, have begun circulating online. The leaked information not only jeopardises the privacy of individuals but also raises concerns about potential financial repercussions for Change Healthcare and its affiliates.


Response and Investigation

Change Healthcare has refrained from commenting on the situation, leaving many questions unanswered. Meanwhile, the Department of Health and Human Services has launched an investigation into the incident to assess potential breaches of healthcare data regulations.


Financial Fallout

The fallout from the cyberattack has hit hard financially, with UnitedHealth Group revealing substantial losses of $872 million during the first quarter of this year. These losses cover not only the direct costs of responding to the attack but also the wider disruptions it caused across the company's operations. Additionally, the timing of public sector cash receipts has been affected, further exacerbating the financial impact. Furthermore, UnitedHealth Group disclosed that it had advanced approximately $3 billion to healthcare providers whose finances were disrupted by the attack.


With data security at the forefront of public discourse, it underscores the growing threat posed by ransomware attacks in critical sectors such as healthcare. The need for robust cybersecurity measures and proactive response strategies has never been more apparent, as organisations grapple with the devastating consequences of data breaches and extortion attempts.


Read more »
United Health
Cyber Attacks Medical Breach Ransomware United Health

United Health Allegedly Paid $22M Ransomware


Change Healthcare breach

There is evidence that the ransomware group behind the Change Healthcare breach, which has caused chaos for hospitals and pharmacies attempting to handle prescriptions, may have received $22 million from UnitedHealth Group.

Researchers studying security issues discovered a post made by an associate member claiming to be a member of the ALPHV/Blackcat ransomware group in a Russian forum used by cybercriminals. According to the member, Optum, a subsidiary of UnitedHealth Group, paid $22 million to obtain a decryption key and "prevent data leakage" to escape the continuous disruption at Change Healthcare, another UnitedHealth subsidiary.

After that, the forum post provides a link to a Bitcoin wallet that appears to have received 350 bitcoins. ALPHV, which mentions Recorded Future and TRM Labs as security companies, has also been linked to the same wallet.  

$22 Million ransom?

Ironically, the affiliate member divulged claims that they were duped out of that $22 million by the administrators of ALPHV. The affiliate member continues, saying, "Be careful everyone, and stop dealing with ALPHV." They claim to still have 4TB of Change Healthcare stolen data.  

A representative for UnitedHealth Group stated, "All I can share is that we remain focused on the investigation and recovery of our operations," in response to the alleged Bitcoin payment.

With no assurances that any of the stolen data will be erased, $22 million would rank among the largest ransomware payments if it turns out to be accurate. The current record holder is a $40 million payout made in 2021 by insurance behemoth CNA.

Additionally, the $22 million might give ransomware groups greater confidence to target the US health industry. For Change Healthcare, "connectivity issues" are still present on the platform two weeks after the ransomware outbreak started. Congressmen in the US were even moved by the disruption to request federal funding to cover the prescriptions' interim costs.

Why it is important?

The latest provider group to call for action in response to the disruption brought on by the cyberattack is the American Medical Association.

The American Medical Association has requested that the Biden administration provide emergency funding to doctors impacted by the outage.

The AMA wrote to Health and Human Services Secretary Xavier Becerra that physician practices have been forced to go without revenue for the twelfth day due to the cyber-takedown of Change Healthcare. 

The American Medical Association is pleading with Becerra to make use of all the powers at her disposal to guarantee the survival of medical practices and the provision of necessary treatment to patients.

The bigger picture

Speaking out about the interruptions to payments and operations brought about by Change's cybersecurity compromise, the AMA joins the AHA and MGMA in this regard.

This "is not even a band-bid on the payment problems," the American Hospital Association stated in a letter dated March 4 to Dirk McMahon, president, and chief operating officer of UnitedHealth Group, in response to the company's offer of Temporary Funding Assistance Program to resume hospital payment operations.

In a letter to the Department of Health and Human Services, MGMA requested enforcement discretion, financial resources, and direction to prevent what it described as a worsening of the negative effects on medical groups. 


Read more »
Subscribe to: Posts (Atom)