BlackCat strikes again - and this time it's breached a healthcare giant

security
(Image credit: Shutterstock / binarydesign)

The notorious BlackCat ransomware actor appears to have claimed another high-profile victim after Fortune 500 healthcare organization Henry Schein was hit. 

As reported by BleepingComputer, the ransomware gang, also known as ALPHV, added Henry Schein to its data leak site, claiming it took some 35TB of data during the attack.

It also seems as if, after a bit of back-and-forth, the healthcare firm came to an agreement with the criminals. At first, the company was given the decryption key and started restoring its systems, but before the restoration was completed, BlackCat re-encrypted everything as negotiations broke down.

Containing the incident

"Despite ongoing discussions with Henry's team, we have not received any indication of their willingness to prioritize the security of their clients, partners, and employees, let alone protect their own network," the gang was quoted as saying.

"As of midnight today, a portion of their internal payroll data and shareholder folders will be published on our collections blog. We will continue to release more data daily."

Soon after, BlackCat deleted all of the Henry Schein data from its website, suggesting that the two may have finally agreed. There is no word from the company on this news just yet.

The attack took place roughly two weeks before BlackCat started posting the data online. Back then, Henry Schein reported suffering a cyberattack that affected its manufacturing and distribution businesses, and that it was forced to take some of it systems offline to mitigate the damages.

"Henry Schein promptly took precautionary action, including taking certain systems offline and other steps intended to contain the incident, which has led to temporary disruption of some of Henry Schein's business operations. The Company is working to resolve the situation as soon as possible," it said.

As usual, the company notified the police and brought in forensic experts to help with the investigation. It also urged the customers at the time to place orders either through a Henry Schein representative or via phone.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
security
Ransomware gangs allegedly hit two major US healthcare firms, 300,000 patients have data stolen
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
UK private health services firm told to pay up $2m for ransomware hit
ransomware avast
The biggest addiction treatment provider in the US says it was hit by data breach
An abstract image of padlocks overlaying a digital background.
US healthcare giant Ascension says ransomware attack affected nearly six million customers
Lock on Laptop Screen
Clop ransomware lists Cleo cyberattack victims
Latest in Security
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
AI tools.
Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware
Data leak
Top California sperm bank suffers embarrassing leak
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
Latest in News
Stability AI 3D Video
Stability AI’s new virtual camera turns any image into a cool 3D video and I’m blown away by how good it is
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Google Pixel 9a
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
The bottom left corner of an Android phone, showing the Phone, Messages, Google icons and Google Search bar
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
ExpressVPN mobile app and Aircove
ExpressVPN ‘reduces workforce’ for the second time in two years
The Nanoleaf PC Screen Mirror Lightstrip being used on a desktop computer.
Mac gaming could get an intriguing boost – but not in the way you'd expect