Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control

Graham Cluley— February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious consequences. in my article on the Hot for Security blog.

PYMNTS.com—Hackers Were in Change Healthcare System 9 Days Before Ransomware Attack. Hackers were reportedly in the networks of UnitedHealth Group’s Change Healthcare unit for days before launching their ransomware strike. They gained entry to the networks on Feb. 12, using compromised credentials on an application that allows staff to remotely access systems, The Wall Street Journal (WSJ) reported Monday (April 22). During the nine days they were […]

WIRED—Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak. More than two months after the start of a ransomware debacle whose impact ranks among the worst in the history of cybersecurity, the medical firm Change Healthcare finally confirmed what cybercriminals, security researchers, and Bitcoin's blockchain had already made all too clear: that it did indeed pay a ransom to the hackers who targeted the company in February. And yet, it still faces the risk of losing vast amounts of customers' sensitive medical data. In a statement sent to WIRED and other...

Cyberscoop—Data stolen in Change Healthcare attack likely included U.S. service members, executive says. UnitedHealth Group CEO Andrew Witty tells Senate committee that Change Healthcare didn’t have MFA enabled on the server that was attacked in February, resulting in a $22 million ransom payment.