US offers $10M to help catch Change Healthcare hackers

Trending 2 weeks ago

The U.S. authorities said it is extending its reward seeking accusation connected cardinal activity of nan ALPHV/BlackCat cybercrime pack to its connection members, 1 of which past period took in installments for a monolithic ransomware onslaught connected a U.S. wellness tech giant.

In a connection Wednesday, nan U.S. State Department said it will offer a reward of up to $10 million for accusation that identifies aliases locates immoderate personification associated pinch ALPHV/BlackCat, including “their affiliates, activities, aliases links to a overseas government.”

The Russia-based ALPHV/BlackCat is simply a ransomware-as-a-service operation, which recruits affiliates — efficaciously contractors who gain a committee for launching ransomware attacks — and takes a trim of immoderate ransom request nan unfortunate pays. Although information researchers person not yet drawn a relationship betwixt ALPHV/BlackCat and a overseas government, nan State Department implied successful its connection that nan pack whitethorn beryllium “acting astatine nan guidance aliases nether nan power of a overseas government,” specified arsenic Russia.

The State Department blamed nan prolific ransomware group for targeting U.S. captious infrastructure, including healthcare services.

Last month, an connection group of nan ALPHV/BlackCat pack took in installments for a cyberattack and weeks-long outage astatine U.S. wellness tech elephantine Change Healthcare, which processes astir one-in-three U.S. diligent aesculapian records. The cyberattack knocked retired overmuch of nan U.S. healthcare system’s entree to diligent records and billing information, causing monolithic outages and delays successful fulfilling medications and prescriptions and surgical authorizations for weeks.

The connection group went nationalist aft accusing nan main ALPHV/BlackCat pack of swindling nan statement hackers retired of $22 cardinal successful ransom that Change Healthcare allegedly paid to forestall nan wide leak of diligent records.

The group said ALPHV/BlackCat carried retired an “exit scam,” wherever nan hackers tally disconnected pinch their luck to debar paying their affiliates and support nan stolen costs for themselves.

Despite having mislaid their trim of nan ransom demand, nan connection group claimed to still person entree to a immense magnitude of stolen delicate diligent data.

Change Healthcare has said since that it ejected nan hackers from its web and restored overmuch of its systems. U.S. wellness security elephantine UnitedHealth Group, nan genitor institution of Change Healthcare, has not yet confirmed if immoderate diligent information was stolen.