In a recent revelation, the cyberattack on UnitedHealth’s Change Healthcare has been attributed to the Blackcat ransomware group, also known as ALPHV or Noberus. Change Healthcare confirmed the identification and acknowledged the ongoing efforts to address the attack’s impact on prescription-processing services provided by the company. The attack has disrupted the ability of some pharmacies to fill prescriptions promptly, affecting their interactions with insurance companies for payment processing.
Change Healthcare is actively collaborating with law enforcement agencies, including the FBI, as well as third-party cybersecurity consultants such as Mandiant and Palo Alto Networks, to investigate and mitigate the incident. The company stated that it is working on multiple workarounds to ensure continued access to medications and necessary healthcare services for affected individuals.
Blackcat, previously mentioned by the Justice Department in December, has become the world’s second most prolific ransomware-as-a-service (RaaS) organization over the past two years, extracting significant sums from victims globally. The group has targeted critical infrastructure, government facilities, emergency services, defense industrial-base companies, healthcare facilities, and other entities. RaaS involves selling or renting exploit kits to hackers, allowing unauthorized access to companies for data theft, malware installation, and system control.
Initially suspected to be a nation-state-associated actor, Blackcat is now confirmed as a for-profit operation. The company has not ruled out the potential involvement of another government, and Blackcat, in a since-deleted social media post, denied any government association. The cyberattack on Change Healthcare’s systems has kept them offline for ten days, with the company actively pursuing multiple strategies to restore the impacted environment and enhance its cybersecurity measures.”
Note: The information provided here is based on the details available in the provided context and may be subject to updates as the situation evolves.