US Offers Up to $10M Reward for Information on Change Healthcare Hackers

The State Department blamed the prolific ransomware group for targeting U.S. critical infrastructure, including healthcare services. Last month, an affiliate group of the ALPHV/BlackCat gang took credit for a cyberattack and weeks-long outage at U.S. health tech giant Change Healthcare, which processes around one-in-three U.S. patient medical records. The affiliate group went public after accusing the main ALPHV/BlackCat gang of swindling the contract hackers out of $22 million in ransom that Change Healthcare allegedly paid to prevent the mass leak of patient records. Change Healthcare has said since that it ejected the hackers from its network and restored much of its systems. U.S. health insurance giant UnitedHealth Group, the parent company of Change Healthcare, has not yet confirmed if any patient data was stolen.

The United States government announced that it is extending its efforts to seek information on the key leadership of the ALPHV/BlackCat cybercrime gang, including its affiliate members.

The group made headlines last month for claiming responsibility for a major ransomware attack on a U.S. health technology giant.

“The U.S. State Department stated it will offer a reward of up to $10 million for any information regarding the identification or location of individuals associated with ALPHV/BlackCat, their affiliates, activities, or potential links to foreign governments.”

The Russia-based cybercriminal operation known as ALPHV/BlackCat runs on a ransomware-as-a-service (RaaS) model. It recruits affiliates, who act as contractors and are compensated for launching ransomware attacks, while the operation itself takes a percentage of the ransom paid by the victim. While security researchers have not found a direct connection between ALPHV/BlackCat and a foreign government, the State Department implied in its statement that the group may be acting under the direction or control of a foreign government, such as Russia.

The State Department also accused the prolific ransomware group of targeting critical infrastructure in the United States, specifically healthcare services.

Just last month, an affiliate group of ALPHV/BlackCat claimed responsibility for a cyberattack that caused a weeks-long outage at Change Healthcare, a U.S. health tech giant. The attack significantly disrupted access to patient records and billing information across the U.S. healthcare system. The resulting delays caused problems for weeks in fulfilling medications and prescriptions, as well as surgical authorizations.

The affiliate group went public after accusing the main ALPHV/BlackCat gang of cheating them out of $22 million in ransom that was allegedly paid by Change Healthcare to prevent the mass leak of sensitive patient records. According to the group, ALPHV/BlackCat carried out an “exit scam,” where the hackers flee with their fortune to avoid paying their affiliates and instead keep the stolen funds for themselves.

Despite losing its share of the ransom, the affiliate group claimed to still have access to a significant amount of stolen sensitive patient data. Change Healthcare has stated that it has removed the hackers from its network and has restored many of its systems. However, the parent company of Change Healthcare, UnitedHealth Group, has not yet confirmed if any patient data was compromised during the attack.

Maintaining strong cybersecurity measures and staying vigilant against these types of attacks will be essential for protecting critical infrastructure and sensitive personal information in the future.

Ava Patel

Ava Patel is a cultural critic and commentator with a focus on literature and the arts. She is known for her thought-provoking essays and reviews, and has a talent for bringing new and diverse voices to the forefront of the cultural conversation.
