Η Change Healthcare, it seems that he fell victim to a second group hacking using ransomware, just weeks after recovering from an attack by the group ALPHV.
See also: HealthEC LLC: Data breach affects 4.5 million patients
The RansomHub group claimed responsibility for a ransomware attack against Change Healthcare in the last few hours, claiming to have 4 TB of company data containing personal information (PII) belonging to active personnel in the USA and other patients, medical records, payment information and more.
The thugs demand a ransom payment from the business in the health sector within 12 days, otherwise the data will be sold to the highest bidder.
If the criminals' claims are true, Change Healthcare will now consider whether it should pay the ransomware group during a difficult period for the company, which has only just recovered from the previous attack in February.
It was reported that the organisation paid a fee of 22 million dollars to ALPHV after the incident - a statement made by researchers tracking a known cryptocurrency ALPHV and confirmed by RansomHub. However, Change Healthcare has not officially confirmed it.
If all the statements are true, it means that the health care company has to decide whether to pay a second fee to keep its data safe.
See also: Integris Health: patients receive blackmail messages after cyber attack
UnitedHealth, the parent company of Change Healthcare, disclosed a ransomware incident on February 22, stating at the time that it did not expect it to materially affect its financial condition or results of operations.
It was initially suspected to be state hackers, but the ransomware group ALPHV, later claimed responsibility. Many of its systems were disabled as a result while it assessed and tried to deal with the damage.
After the attack, hospitals and pharmacies reported serious disruptions in the services, with many unable to process prescriptions, payments and medical claims. Liquidity problems also affected many institutions, necessitating the intervention of the US government.
The IT industry's ransomware data protection standards will be subject to an investigation by the US healthcare industry data regulator, reported in "the unprecedented scale of this cyber-attack" in his letter to Change Healthcare.
See also: Integris Health: data breach affects 2.4 million people
What are the consequences of ransomware attacks on healthcare delivery?
Ransomware attacks, such as the one against Change Healthcare, can cause significant disruption to the operation of healthcare services, as their IT systems can become inoperable. This can lead to delays in the delivery of medical care and an increased risk to Security of patients. In addition, ransomware attacks can cause the loss or theft of sensitive data, such as medical records and patients' personal information. In addition, ransomware attacks can have a significant financial impact on healthcare services. The costs to restore systems, address breaches, and pay off the attackers' claims can be extremely high.Finally, ransomware attacks can cause long-term damage to the image and reputation of healthcare organizations.
Source: theregister
