Change Healthcare is reportedly facing yet another ransomware attack. This comes after a recent breach in February that cost the company $22 million in an extortion payout. So, it’s no surprise that another group is following up with a payday.
The ransomware group, named RansomHub, allegedly stole 4 terabytes of stolen data from the company, including patient files, financial data, and data-sharing contracts between Change Healthcare and other companies, including insurance providers like Health Net and Loomis.
However, the company has stated that it’s seen no evidence of a ransomware attack so far:
“We are working with law enforcement and outside experts to investigate claims posted online to understand the extent of potentially impacted data,” the company said.
Though the attack is yet to be confirmed, and Change Healthcare has not authenticated the reportedly stolen documents shared by the attackers, the investigation is still ongoing as the threat appears credible.
Either way, RansomHub is threatening to sell the data if the ransom is not paid, yet it won’t reveal how much it’s demanding from the company. It has also begun leaking screenshots of files they claim were stolen in the attack. Change Healthcare has 5 days to pay the ransom or RansomHub will sell the stolen data to the highest bidder.
In an attempt to slow the growth curve, the government passed the Ransomware and Financial Stability Act last week:
“To give institutions a road map for when they are facing a ransomware attack, the bill requires those covered by the rules to notify the Treasury Department before making a ransomware payment and prohibits ransomware payments of more than $100,000 unless authorized by law enforcement or the president,” the act declares.
This and other new measures surrounding cybersecurity in the healthcare industry aim to reduce the occurrence of cyberattacks, with the hope that when companies stop paying, malicious actors will stop stealing.