TLDR:
- Change Healthcare is facing a second ransomware attack following a breach in February.
- A group called RansomHub claims to have stolen data from Change Healthcare and is threatening to sell it if a ransom is not paid.
Change Healthcare, which processes claims for healthcare giant UnitedHealth Group, is reportedly targeted by a second ransomware attack. The ransomware group, RansomHub, has claimed to have four terabytes of stolen data and is demanding a ransom from Change Healthcare. The group has posted samples of patient records and a data-sharing contract for UnitedHealth, indicating the severity of the situation. This attack comes after a major breach in February that disrupted the healthcare sector. The wave of ransomware attacks has prompted legislative action, including the reintroduction of the bipartisan “Ransomware and Financial Stability Act,” which aims to provide guiderails for financial institutions to respond to ransomware attacks. With ransomware payments exceeding $1 billion in 2023, cybersecurity remains a critical concern for organizations.