Change Healthcare attack that disrupted prescriptions blamed on BlackCat ransomware

However the ransomware operators haven’t claimed responsibility yet

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Last week’s cyberattack against US health tech giant Change Healthcare may yet turn out to beransomwareafter all.

The company recently posted a short announcement on its status update website, sayingsome applications were unavailabledue to a “cyber security issue”.

The incident forced parts of the company’s infrastructure offline, and some login pages were unavailable, leaving some users unable to access their prescriptions.

Major campaign

Major campaign

TechCrunchhas now disclosed that the attack was indeed ransomware, undertaken by none other than ALPHV (BlackCat), according to a “healthcare executive with knowledge of the incident, who was on the call briefed by the company’s executives."

Reutersalso linked BlackCat to the incident. The ransomware group hasn’t added Change Healthcare to its data leak site just yet, which could mean two things: either it wasn’t behind the attack, or it’s still negotiating potential ransom payout with the victim. Usually, hackers steal sensitive data during ransomware attacks and threaten to release it online, unless a payment is made.

Given that Change Healthcare is a major US prescription medication processor, there are good chances that millions of customer’s data was stolen. There is no confirmation that any data was stolen however, and Change Healthcare is yet to comment on the news.

The disruption is affecting more than just Change. Citing Michigan local papers,TechCrunchreported local pharmacies were experiencing outages.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Scheurer Health announced on Facebook that it wasn’t able to process prescriptions through patient insurance due to the “nationwide outage from the largest prescription processor in North America.”

Change Healthcare claims to be handling 15 billion healthcare transactions annually, which would put it firmly as one of the largest health tech firms in the country.

Next to LockBit and Cl0p, BlackCat is one of the biggest and most dangerous ransomware operators out there.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time