February’s crippling ransomware assault towards Change Healthcare, which noticed prescription orders delayed throughout the US, continues to have critical penalties.
The cybercriminal group RansomHub revealed a portion of what it claims to be the numerous hundreds of thousands of affected person information it stole within the assault on the darkish internet, together with medical info, insurance coverage information, and billing particulars.
RansomHub claims 4TB of stolen knowledge are up on the market to the best bidder until Change Healthcare pays a ransom. Â The haul is claimed to additionally include contracts and authorized agreements between Change Healthcare and its enterprise companions.
What makes the scenario relatively extra complicated is that RansomHub shouldn’t be the primary cybercriminal group to assert duty for the extremely disruptive Change Healthcare hack.
The ransomware assault was initially attributed to the BlackCat ransomware gang (often known as ALPHV). Certainly, it was reported that BlackCat/ALPHV had acquired a cryptocurrency fee equal to US $22 million in early March in what was extensively assumed to be a ransom fee.
If that is correct, why would a special cybercrime gang now look like demanding a ransom fee from Change Healthcare? Is that this a separate knowledge breach, or two completely different teams making an attempt to extort cash for a similar theft?
What is feasible is that the safety breach is being linked to 2 completely different teams as a result of associates and members of a ransomware gang have fallen out with one another and squabbled about how greatest to divide the proceeds.
For its half, RansomHub informed Wired that it was not affiliated with the BlackCat/ALPHV group and declined to reveal the ransom quantity demanded from Change Healthcare.
Regardless of the actuality is of who stole what, and the way a lot ransom they could have demanded, the sale of the exfiltrated knowledge raises the stakes dramatically for each sufferers and the trade as an entire.
Sufferers now discover themselves at elevated danger of identification theft and monetary fraud, in addition to doubtlessly discrimination based mostly upon their leaked medical info. Â In the meantime, insurers concern they could see a major surge in fraudulent claims which – in flip – might drive up prices for customers.
None of which is sweet information, and raises an attention-grabbing query – how will Change Healthcare reply to the newest ransom demand?
Change Healthcare’s mother or father firm, UnitedHealth Group, says that it continues to “make progress in mitigating the influence” of February’s cyber assault.
