Change Healthcare, a major entity in the US healthcare sector, has confirmed being targeted by hacker collective ALPHV/Blackcat. “Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat,” reads the official statement.
Optum, a United Health group subsidiary, has stepped forward, acknowledging the cyberattack on Change Healthcare and assuring the public that expert teams are diligently working to address the matter.
In their official statement, they affirm, “Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare’s systems. We are actively working to understand the impact to members, patients, and customers.”
Blackcat Withdrawal from UnitedHealth Claim Sparks Speculation
This revelation follows the initial claim made by ALPHV/Blackcat regarding a cyberattack on Change Healthcare, implicating several other significant entities, including Medicare, MetLife, CVS Caremark, Loomis, HealthNet, and Teachers Health Trust.
The Russia-based ransomware and extortion gang claimed to have stolen millions of Americans’ sensitive health and patient information, a tactic commonly employed by ransomware gangs to exert pressure on victims. They often publish the names of their victims on dark web leak sites, using it as leverage to coerce payment of a ransom demand.
However, on February 29, ALPHV/Blackcat seemingly withdrew its claim on UnitedHealth Group, raising questions about the motive behind this action. As the story continues to unfold, speculation abounds regarding the true intentions behind Blackcat’s actions and the potential motives driving their cyber activities, including the possibility of ongoing negotiations between the victim and the hackers.
Change Healthcare Prioritizes Patient Care and System Restoration
Amidst the chaos, Change Healthcare reiterates its unwavering commitment to patient care, emphasizing that it remains its top priority. Multiple contingency plans are in place to ensure that individuals have uninterrupted access to essential medications and healthcare services.
Despite the cybersecurity incident, Change Healthcare has asserted that there is currently no indication of the issue affecting the systems of Optum, UnitedHealthcare, and UnitedHealth Group.
However, the company remains vigilant and proactive in safeguarding its systems, employing multiple approaches to restore the impacted environment and promptly addressing any potential issues that may arise.
In response to the crisis, Change Healthcare is deploying a multi-faceted approach to restore the impacted environment and strengthen defenses against future cyber threats. Proactive and aggressive measures are being taken across all systems, with a commitment to swift action in the event of any suspected issues.
As stakeholders await further developments in this unfolding saga, the cybersecurity incident serves as a reminder of the persistent threats facing the healthcare industry. The collaboration between Change Healthcare, law enforcement agencies, and cybersecurity experts highlights the collective effort required to safeguard sensitive data and protect the integrity of critical infrastructure.
As the investigation progresses and new insights emerge, stakeholders remain vigilant, recognizing the imperative of adaptive security measures and proactive mitigation strategies in the face of evolving cyber threats. Change Healthcare’s steadfast response highlights the resilience of the healthcare community in navigating the complexities of modern cybersecurity challenges.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
