An ongoing cyberattack at U.S. well being tech large Change Healthcare that sparked outages and disruption to hospitals and pharmacies throughout the U.S. for the previous week was brought on by ransomware, information.killnetswitch has discovered.
A healthcare govt with information of the incident, who was on the decision briefed by the corporate’s executives, mentioned the healthcare tech large attributed the cyberattack to the BlackCat ransomware group.
Reuters first reported the information linking the cyberattack to BlackCat, citing two folks accustomed to the incident.
A spokesperson for Change Healthcare didn’t instantly reply to a request for remark.
BlackCat, additionally also known as ALPHV, has not but publicly claimed duty for the cyberattack. Ransomware and extortion gangs sometimes publish parts of a sufferer’s stolen information to extort a ransom demand. Ransomware assaults sometimes scramble a sufferer’s information and demand a ransom to obtain the decryption key. Newer cyberattacks usually contain cybercriminals stealing a sufferer’s information earlier than encrypting it.
It’s not but identified if affected person information was stolen within the ransomware assault.
UnitedHealth Group, the mother or father firm of Change Healthcare and the most important U.S. medical insurance supplier, mentioned in a authorities regulatory submitting final week that it recognized a “suspected nation-state” menace actor in its methods, however didn’t attribute the cyberattack to a particular authorities or state.
The accuracy of UHG’s cyberattack attribution stays unclear, as cybersecurity researchers haven’t beforehand linked the BlackCat gang to a nation state or authorities.
Change Healthcare is an American healthcare tech large and one of many nation’s largest processors of prescription drugs, dealing with prescriptions and billing for greater than 67,000 pharmacies throughout the U.S. healthcare system. The healthcare tech large handles 15 billion healthcare transactions yearly — or about one-in-three U.S. affected person data.
UnitedHealth Group collectively offers over 53 million U.S. prospects with profit plans and one other 5 million outdoors of the USA, in line with its newest full-year earnings report. Optum serves about 103 million U.S. prospects.
The cyberattack at Change Healthcare started on February 21 early on the U.S. East Coast, inflicting widespread outages at pharmacies and healthcare amenities. Change Healthcare mentioned it took a lot of its methods offline to expel the hackers from its methods.
Change Healthcare’s incident tracker web page exhibits practically all of its customer-facing methods stay offline.
Hospitals, healthcare suppliers and pharmacies have reported that they’re unable to satisfy or course of prescriptions by sufferers’ insurance coverage.
The American Hospital Affiliation (AHA), which represents greater than 5,000 hospitals and healthcare suppliers, instructed its members in a discover final Friday to “contemplate disconnection from Optum till it’s independently deemed secure to reconnect,” and warned of “important cascading and disruptive results” brought on by the cyberattack.
Columbia College, which runs considered one of New York’s largest hospitals, instructed workers on Friday to disconnect all its methods from UnitedHealth Group, Change Healthcare and Optum and blocked entry to their e mail domains.
Tricare, the U.S. army’s medical insurance supplier for energetic army personnel, mentioned in an announcement that the cyberattack at Change Healthcare is “impacting all army pharmacies worldwide and a few retail pharmacies nationally.”
BlackCat/ALPHV have beforehand taken credit score for cyberattacks focusing on U.S. healthcare large Norton, news-sharing web site Reddit, and mortgage and mortgage large Constancy Nationwide Monetary.
Do you’re employed at LoanDepot and know extra concerning the incident? You’ll be able to contact Zack Whittaker on Sign and WhatsApp at +1 646-755-8849, or by e mail. You can also contact us through SecureDrop.
