Ransomware Group Leaks Data From UnitedHealth Hack, Demands More Money | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

A ransomware group has published data allegedly stolen from Change Healthcare, a UnitedHealth Group subsidiary, in an effort to pressure the company into paying a second extortion demand.

Ransomhub on Monday posted screenshots from several files, which it claims come from 4TB of data stolen from Change Healthcare. One screenshot shows the full name, date of birth, address, and phone numbers of a patient based in Florida. Another appears to be a spreadsheet cataloging a list of patients, including their personal details.  

The health insurance provider may have already paid $22 million to another ransomware group, ALPHV, which initially claimed to be behind the Change Healthcare breach, an attack that disrupted pharmacies and hospitals across the US. 

The problem is that ALPHV allegedly absconded with the $22 million and did not distribute any money to Ransomhub, which says it’s actually responsible for the breach. Ransomhub claims it’s in possession of the stolen data, and is now demanding UnitedHealth pay a second time.

“It is just unbelievable the amount and sensitivity of data that Change Healthcare was in possession of,” the group wrote on the Ransomhub site on the dark web. “The more we go through the data, the more we are shocked of the amount of financial, medical, and personal information we find and it will be more devastating than the first attack itself.”

UnitedHealth Group hasn’t confirmed if the published data is legitimate, or if it paid the first $22 million ransom. So far, the company has only said: “We are working with law enforcement and outside experts to investigate claims posted online to understand the extent of potentially impacted data. Our investigation remains active and ongoing. There is no evidence of any new cyber incident at Change Healthcare.”

Recommended by Our Editors

However, the company is already paying a fortune to recover from the cyberattack. In an earnings report on Tuesday, UnitedHealth said it paid $872 million in response to the data breach. In addition, the company has budgeted another $800 million “out of prudence, due to the potential for the cyberattack to affect claims receipt timing.”

Ransomhub is giving UnitedHealth three days to respond or it plans on auctioning off the information to the highest bidder.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.


Click Here For The Original Source.


National Cyber Security