An outage at UnitedHealth's technology unit, impacting prescription deliveries for six days, has been traced back to hackers affiliated with the "Blackcat" ransomware gang, as disclosed by two reliable sources to Reuters.
The incident, which commenced last week, ensued following a breach in Change Healthcare's IT systems, causing disruptions across pharmacies nationwide.
Response Amid Chaos
Two sources familiar with the matter said that the hackers behind UnitedHealth's tech unit are from Blackcat ransomware gang.
Despite mounting concerns, both Change Healthcare and UnitedHealth remained silent, failing to address inquiries regarding the situation. Similarly, the "Blackcat" group, also recognized as "ALPHV," refrained from comment when approached about their potential involvement, according to Bleeping Computer.
Meanwhile, Alphabet's cybersecurity arm, Mandiant, has taken the reins of the investigation, confirming its active engagement but withholding further details.
Related Article: RustDoor: New macOS Malware Disguised as Visual Studio Update Linked to ALPHV/BlackCat Ransomware Gang
Blackcat Ransomware Reigns Supreme
"Blackcat" emerges as a prominent figure in the realm of ransomware, notorious for orchestrating cyber assaults on major corporations, such as MGM Resorts International and Caesars Entertainment. Although the group faced a crackdown in December, orchestrated by U.S.-led law enforcement, their resilience persists, with threats looming over critical infrastructure and healthcare facilities.
Unprecedented Fallout
Amidst the chaos, pertinent authorities including CISA and the FBI remained silent, evading requests for input. This development underscores the unpredictability of digital disruptions and their efficacy in deterring ransomware factions. Moreover, revelations implicating "Blackcat" in the Change Healthcare breach cast doubt on UnitedHealth's prior attribution of the incident to a suspected nation-state actor.
"It's inevitable that if you have a group that's making millions of bucks, they are going to attempt to make a comeback," Brett Callow, a threat analyst at the cybersecurity firm Emsisoft said via Reuters.
Pharmacy Operations Paralyzed
The fallout from the outage reverberates across pharmacy chains nationwide, including CVS Health and Walgreens, compounding operational challenges amid the ongoing healthcare crisis.
The American Pharmacists Association (APhA) reported widespread transmission failures for insurance claims, exacerbating backlogs in prescription processing and underscoring the far-reaching ramifications of cyber attacks on critical infrastructure.
As the investigation unfolds, stakeholders brace for potential aftershocks, highlighting the urgent need for robust cybersecurity measures to thwart future threats and safeguard essential services from malicious actors.
Read Also: Russian Ransomware Group BlackCat Seized by US: Decryption Tool Distributed to Over 500 Victims
