The US healthcare sector is under strain following a major cyber attack courtesy of the recently revived ALPHV ransomware gang.
Despite having been taken down by the FBI and other global law enforcement late last year, ALPHV (also known as BlackCat) is back and is hitting hard.
In line with its promise to hit higher-profile and more critical targets such as hospitals and healthcare centres, the group is reportedly responsible for an attack on US healthcare provider Change Healthcare, a subsidiary of UnitedHealth, the largest healthcare organisation in the US.
Change Healthcare is a healthcare technology organisation that provides services relating to payment and revenue cycle management.
According to reports, Change Healthcare was hit by ALPHV last week, with the organisation reporting that threat actors had gained access to its IT systems on 21 February.
“On February 21, 2024, UnitedHealth Group (the ‘company’) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems,” UnitedHealth wrote in a Securities and Exchange Commission (SEC) filing.
“Immediately upon detection of this outside threat, the company proactively isolated the impacted systems from other connecting systems in the interest of protecting our partners and patients, to contain, assess and remediate the incident.
“The company is working diligently to restore those systems and resume normal operations as soon as possible but cannot estimate the duration or extent of the disruption at this time.
“The company has retained leading security experts, is working with law enforcement and notified customers, clients and certain government agencies.
“At this time, the company believes the network interruption is specific to Change Healthcare systems, and all other systems across the Company are operational.”
The attack and subsequent system disconnect have affected pharmacies and healthcare organisations across the US, including military clinics and hospitals in the US and around the world, according to TRICARE.
“A reported cyber attack on the nation’s largest commercial prescription processor, Change Healthcare, has affected military clinics and hospitals worldwide,” it wrote.
UnitedHealth said that despite the outage, 90 per cent of the 70,000 pharmacies nationwide have established electronic workarounds.
While Cyber Daily has observed that ALPHV has not listed Change Healthcare on its dark web leak site, the move is consistent with statements made by the threat group late last year following its FBI takedown.
“Because of [the FBI’s] actions, we are introducing new rules, or rather removing ALL the rules except one, you can not touch the CIS [Commonwealth of Independent States], you can now block hospitals, nuclear power plants, anything and anywhere,” it said.