Info@NationalCyberSecurity
Info@NationalCyberSecurity
0

UnitedHealth Group Confirms ALPHV Ransomware Gang Is Behind Attack | #ransomware | #cybercrime


Insurance giant UnitedHealth Group is officially blaming a notorious ransomware group for a major outage that’s been preventing healthcare providers from processing prescriptions. 

The company issued the update as its subsidiary Change Healthcare is still struggling to restore services, a week after suffering the attack, which has ensnared IT systems at hospitals and pharmacies across the country.

“Change Healthcare can confirm we are experiencing a cyber security issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat,” the company said on Thursday. 

The statement clarifies that the attack isn’t exactly from a “suspected nation-state” actor, as UnitedHealth Group initially said. Instead, ALPHV is more of a cybercriminal group, although its members are likely based in Russia. 

The company issued the confirmation a day after ALPHV took to its own site on the Dark Web and claimed responsibility for the attack on Change Healthcare. In some potentially bad news for users, the ransomware gang claims to have stolen 6TB or 6,000GB of data from United Healthcare during the attack. 

“Change Healthcare production servers process extremely sensitive data to all of UnitedHealth clients that rely on Change Healthcare technology solutions. Meaning thousands of healthcare providers, insurance providers, pharmacies, etc,” the group alleged.

As a result, the stolen data encompasses patient medical records, along with other sensitive user information, such as phone numbers, email addresses, and Social Security numbers, the gang claims. Change Healthcare also serves military hospitals, so data on US service members was apparently stolen as well.

Recommended by Our Editors

Interestingly, ALPHV appears to have taken down its original post about stealing data from UnitedHealth Group, which suggests the insurance provider may have paid the ransom.

UnitedHealth Group didn’t respond to a request for comment. In the meantime, the company’s statement notes: “Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare’s systems. We are actively working to understand the impact to members, patients and customers.”

US officials have also issued an alert, warning that ALPHV is focusing on targeting healthcare providers in apparent retaliation after the FBI seized some of the group’s infrastructure in December.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.





Source link

.........................

National Cyber Security

FREE
VIEW