Janice R. Andrews
Change Healthcare, which has been dealing with a ransomware crisis for more than two months, has now admitted to paying a ransom to the cybercriminal gang AlphV or BlackCat, despite first refusing to confirm the payment.
In a statement to WIRED and other sources, the medical firm agreed to making the payment as part of its efforts to protect patient data. However, the acknowledgment comes with the sobering realization that large volumes of sensitive medical data remain at danger.
The confirmation comes after weeks of suspicion when a 350 bitcoin transaction, worth around $22 million, was traced back to AlphV on March 1. Despite the obvious transaction on Bitcoin’s blockchain, Change Healthcare has kept silent on the issue till now.
The aftermath of the ransomware attack has left the healthcare industry reeling, with fears that similar attacks will only promote future targeting of healthcare companies. Compounding the matter, RansomHub, a competing ransomware outfit, claims to have Change Healthcare’s stolen data and has threatened to sell it on the black web.
Although RansomHub’s listing of the data has mysteriously vanished, Change Healthcare cautions that screenshots of it have been released on the dark web by an unidentified hacker gang. While it claims that no complete medical records were found among the stolen material, patient information, including protected health information (PHI) and personally identifiable information (PII), remains at risk.
For Change Healthcare, the confirmation of the ransom payment adds a painful chapter to an already bleak story. The hack shut down the company’s operations, disrupting the nationwide insurance approval process for medications and medical procedures. A poll of American Medical Association members found severe financial losses for medical practices, with some physicians relying on personal assets to cover costs.
Change Healthcare reported a whopping $872 million loss as a result of the event, with further financial consequences expected. Despite the large ransom payment, the company’s recovery attempts have been delayed, demonstrating the far-reaching repercussions of ransomware assaults.
The $22 million payout not only rewards AlphV for its destructive conduct, but it also demonstrates the profitability of attacking healthcare firms. Furthermore, an internal conflict within the ransomware ecosystem has exacerbated problems, with AlphV apparently staging a bogus law enforcement takedown to avoid sharing the ransom payout with its affiliates.
As Change Healthcare deals with the aftermath, concerns remain that the exposed data may be exploited by rogue hackers. The corporation confronts the dreadful threat of having its data stolen despite the hefty ransom payment, implying a potential loss of millions of dollars with no guarantee of data security.
In the ongoing struggle against ransomware, Change Healthcare’s ordeal serves as a sharp reminder of the high stakes and the critical need for improved cybersecurity safeguards to secure sensitive medical information.
