Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account. The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:…
Search Results for: "change healthcare"
Yes, Change Healthcare breach was us — BlackCat
Zack Whittaker reports that the ongoing cyberattack at Change Healthcare has been confirmed as a ransomware attack, with executives of the firm linking it to AlphV (BlackCat). Reuters was the first to report the claimed attribution to BlackCat, but until now, there has been no confirmation from BlackCat. Minutes ago, BlackCat informed DataBreaches that yes,…
Change Healthcare responding to cyberattack; few details known at this point
Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that point, but by mid-day, their status reports were indicating that they were experiencing “a network interruption related to a cyber security issue.” A few hours later, they added a statement, “Once we became aware of…
Three State Attorneys General Secure $4.5 Million from Enzo Biotech for Failing to Protect Health Data of 2.4 Million Patients
NEW YORK – New York Attorney General Letitia James and the attorneys general of Connecticut and New Jersey today secured $4.5 million from Enzo Biochem, Inc. (Enzo) for failing to adequately safeguard the personal and private health information of its patients. Enzo is a biotechnology company that offers patients diagnostic testing at its laboratories in New York,…
Why Did Change Health Lowball Its 1st Breach Report to Feds?
Marianne Kolbasuk McGee of HealthInfoSec poses a question about why Change Healthcare’s report to HHS indicated that 500 patients were affected when they already admitted that there were millions. Why use such a low placeholder instead of a higher number when it has been months since they discovered the breach and they must have some…
RADAR and DISPOSSESSOR shift to R-a-a-S model
In April, Jim Walter of SentinelOne wrote an article about how some ransomware affiliates were teaming up with others to get paid if they had been cheated by previous partners. Perhaps the best-known recent example of this occurred after ALPHV allegedly secured a $22 million ransoms from Change Healthcare and then absconded with the money…