alightread
3 min read · Apr 15, 2024

Meddling Medians and Malicious Malwares: The CyberHillaryWhoDoneIt

Monday blues took a completely new form this week, in a cyber-realm saga that is straight out of a digital crime thriller! No, I am not kidding, folks. Meet “RansomHub”, a ransomware and extortion gang with a flair for theatrics. On their dark web POT (Performance on Thievery), they let slip some pretty sensitive files. Unfortunately, these files were boiling over with personal patient information — billing files, insurance records, the whole medical kit and caboodle.

As an added sprinkle of salt on the wound, some files also held contracts and agreements between Change Healthcare and its partners. Mr. RansomHub set out his demands simple and straight: if Change Healthcare doesn’t show them the money, they put up the data on eBay for the highest bidder. Or well, something like that! On the face of it, it seemed like just another Friday in the cybersecurity sphere, until we stepped into deeper water.

Deeper Waters and Darker Days: The Twist in the Tale

This is a cyber first, folks: it is the debut show where proof is available in the wide-open public to show cyber bandits have got their grubby digital mitts on medical and patient records from the cyberattack on Change Healthcare. It’s like the saga just dialed up from a thriller to a drama.

Now, poor Change Healthcare faces a new conundrum, a second act by another group demanding a ransom to prevent the spillage of the stolen patient data. It’s just been a few months since the first act! If you thought your Monday was rough, think again.

A Word From The Big Boss: UnitedHealth Group Enters the Chat

UnitedHealth Group, the big parent company behind Change Healthcare, refuses to acknowledge a fresh cyber incident. Tyler Mason, who spoke for UnitedHealth Group, stated, “We are working with law enforcement and outside experts to investigate claims posted online to understand the extent of potentially impacted data. Our investigation remains active and ongoing.”

The plot thickens, people: a plausible explanation for this cyber chaos could be a tasty disagreement between members and affiliates of the original ransomware gang. This kerfuffle could’ve landed the stolen data in troubled waters and exposed Change Healthcare to more extortion attempts.

The Mysterious Disappearing Act

ALPHV, a Russia-based ransomware gang that has a thing or two to do with courage, honor, and disappearing acts, was pinned down for the original data theft from Change Healthcare. The twist is that ALPHV, along with the alleged ransom payment from Change Healthcare, vanished into thin cyber air. Just like that!

An affiliate of ALPHV, let’s call them the ‘contractor’, using the gang’s malware for cyberattacks, took responsibility for the Change Healthcare data breach. This ‘contractor’ accused ALPHV of not dividing the ransom spoils and of vanishing with all the moolah. The ‘contractor’ also claims to still have the patients’ data.

Now enters RansomHub, like a late dramatic entry in a reality show, claiming that they are the ones who have the data, not ALPHV. Apparently, RansomHub is keeping company with the ‘contractor’ who retained the data after the fallout with ALPHV.

The Billion-Dollar, or Less, Question

UnitedHealth is yet to confirm if any ransom was paid to these cloak-and-dagger operators or give us an insight into the size of the data compromised. On March 27, they admitted they bought a dataset in return for ransom, which they now hope isn’t like opening a Pandora’s box.

The company’s prime directive is to scan data packed with health information, personally identifiable information, claims, eligibility, or financial data. As the cyber controversy grows, so does the concern over the possible release of patient data in public, which could mean significant consequences for all caught in the crossfire.

So, folks, brace yourselves as this digital game of cat and mouse gets hotter. Buckle up, pop some popcorn and stay tuned for more updates in this real-life digital thriller.
