Priya Patel
TLDR:
- Change Healthcare admits to paying ransom to hackers known as AlphV or BlackCat.
- Hackers threaten to sell stolen patient data on the dark web, creating additional security concerns.
In a recent statement, Change Healthcare acknowledged that it paid a ransom to cybercriminals who targeted the company in February. The ransom, totaling 350 bitcoins or around $22 million, was paid to a hacker group known as AlphV or BlackCat. This payment was made in an effort to protect patient data from disclosure, although the company later found out that patient data ended up on the dark web.
The confirmation of this ransom payment has raised concerns in the cybersecurity industry, as it may encourage further attacks on healthcare organizations. Another ransomware group, RansomHub, claims to possess Change Healthcare’s stolen data and has threatened to sell it on the dark web. This situation highlights the ongoing security challenges faced by companies like Change Healthcare in protecting sensitive patient information.
Despite the payment, there are still doubts about whether the compromised data will be exploited by other hackers, as there are conflicts within the ransomware underground. Change Healthcare’s experience serves as a cautionary tale for other organizations about the risks and challenges associated with ransomware attacks and data breaches in the healthcare sector.
