Healthcare giant Henry Schein hit twice by BlackCat ransomware

American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with operations and affiliates in 32 countries and a revenue of over $12 billion reported in 2022. More than a month later, on November 22, the company said that some of its apps and the e-commerce platform were again taken down following another attack claimed by BlackCat ransomware. "Certain Henry Schein applications, including its ecommerce platform, are currently unavailable. The Company continues to take orders using alternate means and continues to ship to its customers," it said. "Henry Schein has identified the cause of the occurrence. The threat actor from the previously disclosed cyber incident has claimed responsibility." Today, the company revealed that it has now restored its U.S. e-commerce platform, and it's expecting that its platforms in Canada and Europe will also be back online shortly. Across impacted areas, the healthcare services provider is reportedly still receiving orders through alternative channels and shipping to customers. The BlackCat ransomware gang added Henry Schein to its dark web leak site, saying it breached the company's network and allegedly stole 35 terabytes of sensitive data. According to the cybercrime operation, they re-encrypted the company's devices after negotiations faltered towards the end of October while Henry Schein was on the verge of restoring its systems. This would make this month's incident the third time since October 15 that BlackCat encrypted Henry Schein's systems after breaching its network. "Despite ongoing discussions with Henry's team, we have not received any indication of their willingness to prioritize the security of their clients, partners, and employees, let alone protect their own network," the threat actors said. "As of midnight today, a portion of their internal payroll data and shareholder folders will be published on our collections blog. We will continue to release more data daily." BlackCat emerged in November 2021 and is believed to be a rebrand of the infamous DarkSide/BlackMatter gang. The FBI connected the ransomware group to over 60 breaches affecting organizations globally between November 2021 and March 2022. A Henry Schein spokesperson has yet to respond to BleepingComputer's requests for comment regarding the cyberattacks disclosed this month. MGM casino's ESXi servers allegedly encrypted in ransomware attack. McLaren Health Care says data breach impacted 2.2 million people. Seiko says ransomware attack exposed sensitive customer data. BlackCat ransomware uses new 'Munchkin' Linux VM in stealthy attacks. ALPHV ransomware gang claims attack on Florida circuit court.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Healthcare giant Henry Schein hit twice by BlackCat ransomware

BlackCat ransomware claims breach of healthcare giant Henry Schein - The BlackCat ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information. Henry Schein is a healthcare solutions provider and a Fortune 500 ...
10 months ago Bleepingcomputer.com
Healthcare giant Henry Schein hit twice by BlackCat ransomware - American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with ...
10 months ago Bleepingcomputer.com
#StopRansomware: ALPHV Blackcat - The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service identified through FBI ...
9 months ago Cisa.gov
LockBit ransomware now poaching BlackCat, NoEscape affiliates - The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. Last week, the NoEscape and the BlackCat/ALPHV ransomware operation's Tor websites suddenly ...
9 months ago Bleepingcomputer.com
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
6 months ago Bleepingcomputer.com
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
8 months ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
4 months ago Techtarget.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
BlackCat Ransomware Raises Ante After FBI Disruption - The U.S. Federal Bureau of Investigation disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released ...
9 months ago Krebsonsecurity.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
8 months ago Cybersecuritynews.com
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
6 months ago Malwarebytes.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
8 months ago Darkreading.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
9 months ago Bleepingcomputer.com
Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
5 months ago Bleepingcomputer.com
Norton Healthcare discloses data breach after May ransomware attack - Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and ...
10 months ago Bleepingcomputer.com
BlackCat ransomware uses new 'Munchkin' Linux VM in stealthy attacks - The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors on network devices stealthily. Manchkin enables BlackCat to run on remote systems or encrypt remote Server ...
10 months ago Bleepingcomputer.com
DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks - U.S. law enforcement agencies said they shut down the online operations of the notorious Russia-linked BlackCat ransomware-as-a-service group and developed a decryption tool that will help more than 500 victims regain access to their encrypted data ...
9 months ago Securityboulevard.com
ALPHV ransomware site outage rumored to be caused by law enforcement - A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours. The ALPHV negotiation and data leak sites suddenly became unavailable yesterday and continue to remain down today. ...
10 months ago Bleepingcomputer.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
7 months ago Cysecurity.news
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
6 months ago Therecord.media
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
4 months ago Esecurityplanet.com
HTC Global Services confirms cyberattack after data leaked online - IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data. HTC Global Services is a managed service provider offering ...
10 months ago Bleepingcomputer.com
23andMe responds to breach with new suit-limiting user terms The Register - Security in brief The saga of 23andMe's mega data breach has reached something of a conclusion, with the company saying its probe has determined millions of leaked records originated from illicit break-ins into just 14,000 accounts. In an update on ...
10 months ago Go.theregister.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)