The hackers suspected of breaching the UnitedHealth Group declared that they stole millions of private details from the firm, including medical insurance and health data.
In a message posted to, and then swiftly deleted from, their darknet site, the hackers suspected of hacking the UnitedHealth Group (UNH.N.) announced on Wednesday that they took millions of sensitive details from the corporation, including medical insurance and health data.
According to screenshots of the posting released online by cybersecurity analysts, the gang known as “Blackcat” or “ALPHV” claimed responsibility for the theft of 8 gigabytes of data from UnitedHealth in a statement posted on its website.
UnitedHealth, whose Change Healthcare unit was at the center of the hack, confirmed that it was aware of the assertion and was “looking into it.”
Blackcat claimed to have stolen data from partners such as Medicare, the United States Military Medical Health Agency Tricare, CVS Health (CVS.N.), and other corporations.
The allegation was promptly removed without explanation. Attempts to contact the hackers have so far been unsuccessful, and there is no immediate way of verifying the claims, which are not supported by any data or screenshots.
The Centers for Medicare and Medicaid Services did not immediately respond to a message seeking comment.
CVS stated that it was aware of the hackers’ assertion but that, “at this time, Change Healthcare has not confirmed whether any CVS Health member or patient information that it holds, including CVS Caremark information, was impacted by this incident.”
Brett Callow, a threat analyst at cybersecurity firm Emsisoft, believes there could be various reasons why the hackers would compose an inflammatory message and then delete it.
One possibility is that the hackers have begun ransom discussions with UnitedHealth or that the conversations have entered a new phase. It was also plausible that the hackers were attempting to garner attention in order to push the healthcare organization to enter negotiations. Or perhaps the hackers simply “decided they didn’t want so much attention at this particular point in time.”
Blackcat has a history of disruptive breaches, including attacks on MGM Resorts International (MGM.N) and Caesars Entertainment (CZR.O.), which hampered operations at hotels.
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.
