Next Article

The breach has led to a significant disruption within the US healthcare industry

UnitedHealth identifies Blackcat as culprit in healthcare cyber attack

By Akash Pandey 11:37 am Mar 01, 202411:37 am

What's the story Health insurance provider UnitedHealth has pinpointed the cybercriminal group 'Blackcat' as the culprit behind a cyber attack on Change Healthcare, according to Reuters. The breach resulted in a week-long outage of the United-owned Change Healthcare system, causing disruptions in payments at hospitals, clinics, and pharmacies in the US. Change Healthcare acts as a mediator between healthcare providers and insurance firms. The attack has impeded routine transactions such as electronic pharmacy refills and processing new insurance claims.

Claim

Blackcat took responsibility for the latest info theft

In a darknet message, Blackcat claimed to have stolen millions of patient records from UnitedHealth, including sensitive medical and insurance data. The group also confessed, in the same message, to stealing data from Medicare, Tricare, and CVS Health. No information was given regarding the timing of these breaches, and the message was allegedly deleted without clarification on Wednesday.

Information

The breach could extend for weeks: UnitedHealth COO

According to an SEC filing, UnitedHealth first detected suspicious activity on its IT systems on February 21. UnitedHealth COO Dirk McMahon informed STAT News that the breach might extend for weeks. The company is currently setting up a loan program for healthcare providers.

Trajectory

History and current movements

Blackcat, also known as ALPHV, has taken responsibility for several hacks in the past year, including MGM casino breach in Las Vegas and a hack on Reddit's systems. Federal agencies like Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have warned that Blackcat is now deliberately targeting the healthcare system. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," wrote the agencies in a joint cybersecurity advisory.

Scenario

Healthcare records and concerns

In a letter sent on Monday, the American Hospital Association (AHA) informed Department of Health and Human Services (HHS) Secretary Xavier Becerra that Change Healthcare handles nearly one in three patient records in the US. AHA president Richard J. Pollack wrote, "Any prolonged disruption of Change Healthcare's systems will negatively impact many hospitals' ability to offer the full set of health care services to their communities." UnitedHealth is yet to reveal whether it plans to pay any ransom to Blackcat.