Change Healthcare information on the market on darkish net as fallout from ransomware assault spirals uncontrolled

February’s crippling ransomware assault towards Change Healthcare, which noticed prescription orders delayed throughout the USA, continues to have critical penalties.

The cybercriminal group RansomHub revealed a portion of what it claims to be the various thousands and thousands of affected person data it stole within the assault on the darkish net, together with medical data, insurance coverage data, and billing particulars.

RansomHub claims 4TB of stolen information are up on the market to the very best bidder except Change Healthcare pays a ransom.  The haul is alleged to additionally comprise contracts and authorized agreements between Change Healthcare and its enterprise companions.

What makes the state of affairs fairly extra advanced is that RansomHub isn’t the primary cybercriminal group to say accountability for the extremely disruptive Change Healthcare hack.

The ransomware assault was initially attributed to the BlackCat ransomware gang (also called ALPHV). Certainly, it was reported that BlackCat/ALPHV had acquired a cryptocurrency cost equal to US $22 million in early March in what was extensively assumed to be a ransom cost.

If that is correct, why would a distinct cybercrime gang now seem like demanding a ransom cost from Change Healthcare? Is that this a separate information breach, or two completely different teams making an attempt to extort cash for a similar theft?

What is feasible is that the safety breach is being linked to 2 completely different teams as a result of associates and members of a ransomware gang have fallen out with one another and squabbled about how greatest to divide the proceeds.

For its half, RansomHub told Wired that it was not affiliated with the BlackCat/ALPHV group and declined to reveal the ransom quantity demanded from Change Healthcare.

Regardless of the actuality is of who stole what, and the way a lot ransom they might have demanded, the sale of the exfiltrated information raises the stakes dramatically for each sufferers and the trade as a complete.

Sufferers now discover themselves at elevated danger of id theft and monetary fraud, in addition to doubtlessly discrimination based mostly upon their leaked medical data.  In the meantime, insurers concern they might see a major surge in fraudulent claims which – in flip – may drive up prices for shoppers.

None of which is nice information, and raises an fascinating query – how will Change Healthcare reply to the newest ransom demand?

Change Healthcare’s guardian firm, UnitedHealth Group, says that it continues to “make progress in mitigating the affect” of February’s cyber assault.