Change Healthcare, a subsidiary of United Healthcare, is currently facing another cyberattack by the ransomware gang RansomHub. This attack comes just weeks after the company was hit by an ALPHV/BlackCat cyberattack. RansomHub has stolen an alleged 4TB of data from Change Healthcare and is now demanding an extortion payment. If the payment is not made within 12 days, RansomHub threatens to sell the stolen data to the highest bidder.
The stolen data includes sensitive information such as that of US military personnel, patient records, and financial data. RansomHub has made it clear that this information has not been leaked or shared anywhere, putting Change Healthcare in a difficult position as it must decide whether paying the ransom is the best course of action. The company is still recovering from the previous attack and must weigh the risks and benefits of making a payment.
Malachi Walker, a security adviser at DomainTools, believes that RansomHub’s actions could be a tactic to scare victims into making a payment. The world of ransomware is complex, with various groups collaborating and sharing information to maximize their profits. While there are rumors about RansomHub’s connection to ALPHV or BlackCat, it is too early to confirm any links between the groups.
Change Healthcare is once again at the mercy of cybercriminals, facing pressure to make a decision regarding the ransom demand amidst a challenging situation in the aftermath of the recent cyberattack. The company is working hard to protect its clients’ data and navigate the intricate landscape of ransomware threats and attacks.
