Connect with us

Hi, what are you looking for?

Tech & Science

Change Healthcare hit by new cyberattack

What does this attack mean for the healthcare and pharmacy sector? How vulnerable are these industries?

What would a cyberattack on your local government look like? Drata analyzed threat trends to break down the growing issue.
What would a cyberattack on your local government look like? Drata analyzed threat trends to break down the growing issue. - THOMAS SAMSON/AFP // Getty Images
What would a cyberattack on your local government look like? Drata analyzed threat trends to break down the growing issue. - THOMAS SAMSON/AFP // Getty Images

Change Healthcare is allegedly facing a second ransomware attack by RansomHub.. According to Nick Tausek, Lead Security Automation Architect at Swimlane, the details about this attack are: “Change Healthcare, a subsidiary of UnitedHealth, is allegedly facing its second ransomware attack in 2024. A February attack perpetrated by the ALPHV/BlackCat threat actors resulted in significantly disrupted healthcare operations across the county.”

UnitedHealth, parent company of ransomware-hit Change Healthcare, have indicated that the total costs of tending to the February 2024 cyberattack currently stands at $872 million, according to The Register.

It is also established that the RansomHub threat group claimed responsibility for the recent attack and demanded a payment within twelve days.

What does this attack mean for the healthcare and pharmacy sector? How vulnerable are these industries?

Providing insight for Digital Journal is Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ.

Costis begins by looking at the attack threshold context, noting: “RansomHub has been increasingly active throughout March and April. The admin of RansomHub has recently confirmed that previous ALPHV/BlackCat affiliates have been actively joining RansomHub. The uptick in activity of RansomHub, and the inactivity of ALPHV/BlackCat also confirms this.”

It is important that firms try to avoid paying out in such circumstances. According to Costis: “Making a ransomware payment may further enable cybercriminals to profit and advance their operations and campaigns, and may further incentivize future attacks.”

In terms of the attack specifics, Costis reveals: 2Although we don’t know the details behind it yet, it’s quite possible that the original ALPHV/BlackCat affiliate had access to the data from Change Healthcare. As ALPHV/BlackCat performed an exit scam, the affiliate is likely attempting to reclaim their ransom payment.”

Continuing with the narrative, Costis says: “Just when Change HealthCare thought they had settled up with the payment they made in February, they are now in a similar position once more. The data stolen includes sensitive data such as medical records, payment information, claims information, patients’ PII, insurance records, source code files, active US military and navy personnel PII, and much more. It also includes partners of Change HealthCare. This serves as a reminder that making a ransomware payment doesn’t guarantee closure.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

Leave it alone. Study, sure, and help people with problems, but don’t turn it into a day job.

Life

Energy drinks are particularly popular with younger people, and such drinks are often marketed strongly towards the younger demographic.

Tech & Science

For a few days, AI chip juggernaut Nvidia sat on the throne as the world's biggest company,.

Tech & Science

The discovery comes from a Roman tomb in Carmona. Here the skeletal remains of a man was immersed in a liquid inside a glass...