DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Henry Schein re-encrypted by BlackCat again

Posted on November 26, 2023 by Dissent

On October 15, Henry Schein, Inc. disclosed a breach:

On Saturday, October 14, Henry Schein, Inc. (Nasdaq: HSIC) determined that a portion of its manufacturing and distribution businesses experienced a cybersecurity incident. Henry Schein promptly took precautionary action, including taking certain systems offline and other steps intended to contain the incident, which has led to temporary disruption of some of Henry Schein’s business operations. The Company is working to resolve the situation as soon as possible.

Read more of their original notice on their website.  AlphV (BlackCat) later claimed responsibility for the attack.

On November 13, Henry Schein issued an update on the scope of the breach. As MedTechDive reported:

  • In a letter to its customers, the company disclosed on Monday that a data breach occurred, but “we do not have all the details of what data may have been compromised.” Customer bank accounts and credit card numbers may have been affected. Henry Shein also issued a letter to its suppliers, writing that the company is “aware that the bank account information for a limited number of suppliers was misused.”
  • CEO Stanley Bergman told investors on a Monday earnings call that the company is working to bring its e-commerce platform back online this week, and that the incident primarily affected its dental and medical distribution operations in North America and Europe.

But the situation had deteriorated from the first attack instead of things improving. AlphV posted an update about negotiations breaking down,  and BlackCat re-encrypting them.

Then, on November 22, Henry Schein posted another notice on its homepage:

Certain Henry Schein applications, including its ecommerce platform, are currently unavailable. The Company continues to take orders using alternate means and continues to ship to its customers. The Company is in the process of securely restoring these applications.

Henry Schein has identified the cause of the occurrence. The threat actor from the previously disclosed cyber incident has claimed responsibility.

The following day, it provided another update:

Henry Schein would like to provide a further update on the cybersecurity incident following the communication we provided on November 22.

The Company quickly identified the cause of the disruption and is leveraging the prior work we did to restore our systems. As a result, we believe that the disruption to our ecommerce platform and certain other applications will be short term.

The Company is in the process of securely restoring the ecommerce platform and these other applications.

In the meantime, the Company continues to take orders using alternate means and continues to ship to its customers.

Its most recent update (November 26) states:

Henry Schein would like to provide a further update on the cybersecurity incident following the communications we provided on November 22 and 23.

We expect our U.S. ecommerce platform and certain other applications to be restored in the next few days, and possibly as early as Monday. Our ecommerce platform and other applications in Canada and Europe are expected to follow shortly thereafter.

 Related:  Henry Schein Inc.  SEC Filings Concerning the Security Incident:

Cautionary Note Regarding Forward-looking Statements
11/26/23: Update on Cybersecurity Incident
11/23/23: Update on Cybersecurity Incident
11/22/23: Update on Cybersecurity Incident
11/13/23: Notice sent to United States customers on November 13, 2023
11/13/23: Notice sent to United States suppliers on November 13, 2023
11/2/23: Press Release | Henry Schein to Webcast Third Quarter 2023 Conference Call and Provide an Update on Its Full-Year 2023 Guidance on Monday, November 13, 2023 at 10:00 a.m. ET
11/2/23: Henry Schein, Inc. Form 12b-25 Notification of Late Filing
10/24/23: Henry Schein, Inc. 8-K: Item 7.01
10/24/23: Customer Letter | Henry Schein Order Processing
10/15/23: Press Release | Henry Schein Provides Information on Cybersecurity Incident
Category: Business SectorHackU.S.

Post navigation

← Europe’s grid is under a cyberattack deluge, industry warns
DHS/CISA and UK NCSC Release Joint Guidelines for Secure AI System Development →

3 thoughts on “Henry Schein re-encrypted by BlackCat again”

  1. Anonymous says:
    November 26, 2023 at 9:26 pm

    Ordering was working after November 14th

    1. Dissent says:
      November 27, 2023 at 6:30 am

      And then it wasn’t again, according to Schein’s subsequent updates.

  2. LG says:
    November 27, 2023 at 11:58 am

    Credit card info was compromised in this breach.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware
  • Almost one year later, U.S. Dermatology Partners is still not being very transparent about their 2024 breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.