Welcome to #cybertiptuesday ! We've been away helping protect the cyber world for a bit but if you've paid attention at all to the cyberattack landscape lately, you are assured to have read about the latest massive attack on United Health Group (UHG). UHG, the world's largest healthcare company by revenue, learned of a breach on 2/21/24 within its Optum division, specifically the Change Healthcare system. Optum’s Change Healthcare has a great presence within US healthcare, as it is used by hospitals, clinics and pharmacies nationwide. Change Healthcare is so intertwined that the AHA warned at the time that healthcare organizations that use Optum should disconnect their systems immediately to protect their private data.
The BlackCat/APLHV ransomware gang has claimed responsibility for the attack; alleging that they stole 6TB of data from the network. Though they have not yet been officially credited for the attack, BlackCat is known to focus on the healthcare sector. The FBI says the gang had over 1000 victims and was able to collect over $300 million in ransomware payments in 2023 alone.
On March 15, UHG announced that they were able to restore the Change Healthcare's electronic payments platform and have also restored 99% of the pharmacy network services. UHG also advanced over $2 billion to assist care providers that were disrupted by the cyberattack. In an AHA survey, 94% of hospitals experienced financial disruptions from the attack.
UHG has not disclosed what data was compromised by the attack or whether or not a ransom was paid to restore systems, however, the Biden administration announced that it has launched an investigation into the company due to the "unprecedented magnitude of the cyberattack". #protectphi #kansascitycyber
Activate to view larger image,
Comments