According to screenshots of the posting released online by cybersecurity analysts, the gang known as “Blackcat” or “ALPHV” claimed responsibility for the theft of 8 gigabytes of data from UnitedHealth in a statement posted on its website.
The revelation was acknowledged by UnitedHealth, whose Change Healthcare unit was at the core of the hack, and the company claimed it was “looking into it.”
Blackcat alleged that it had stolen information from partners such as CVS Health, opens new tab, Medicare, and the U.S. military medical health service Tricare.
The assertion was quickly and without justification removed. Reuters has not been able to get in contact with the hackers thus far, and the news organization was unable to quickly confirm the allegations, which were not supported by any screenshots or data.
Upon receiving a message for comment, the Centers for Medicare and Medicaid Services did not respond right away. Tricare, which has stated that the attack affected all of its military pharmacies, likewise failed to respond to a mail requesting comment right away.
Although the hackers’ statement was acknowledged by CVS, the company stated in a statement that “at this time, Change Healthcare has not confirmed whether any CVS Health member or patient information that it holds, including CVS Caremark information, was impacted by this incident.”
According to threat expert Brett Callow of the cybersecurity company Emsisoft, there are a number of reasons why hackers could post an offensive message before removing it.
One possibility was that UnitedHealth had engaged into ransom talks with the hackers, or that the discussions had moved into a new stage. It was also conceivable that the hackers were attempting to draw attention in an effort to pressure the healthcare provider to engage in negotiations. Or perhaps the hackers “decided they didn’t want so much attention at this particular point in time” after having second thoughts.
Blackcat has a history of disruptive hacks, including attacks on MGM Resorts International, opens new tab and Caesars Entertainment, opens new tab that snarled operations at hotels and casinos last year.
