Ugh. So, ransom enthusiasts RansomHub have started the PHI leak bloodbath from Change Healthcare.
This is their initial lame ransom note.
And now…they started leaking data. ALPHV is Blackcat, thus my title. First, to Wired two days ago:
WIRED received samples of Change Healthcare data allegedly stolen by RansomHub, and it appears to be legitimate. RansomHub claims to be holding four terabytes of stolen data and is demanding a ransom from Change Healthcare.
And now they are reported to be posting both PHI and contracts between Change/UHC and counterparties. The discovery in the subsequent legal matters is getting more streamlined, at least.
Yesterday, TechCrunch shared:
An extortion group has published a portion of what it says are the private and sensitive patient records on millions of Americans stolen during the ransomware attack on Change Healthcare in February.
"The payment of a ransom doesn't guarantee the cybercriminal will decrypt a victim's files or reinstate access to their systems," Darren Guccione, co-founder and CEO of cybersecurity firm Keeper Security, emailed in a statement to Becker's. "They are criminals and, as such, they cannot be trusted."
Thank God UnitedHealth Group is not under any investigation by the DOJ and can be trusted implicitly—you know, cause you can’t trust criminals to do what they say even after you pay them.
Oh, Wait.
EM doc here. Despite all of this, every day we just enter more information into EMRs that are ridiculously vulnerable. Thanks for your posts!