November 2, 2023 at 02:56PM
Healthcare solutions provider Henry Schein has experienced a cyberattack, with the BlackCat ransomware gang claiming to have breached the company’s network and stolen 35 TB of data. While some business operations were disrupted, Henry Schein One practice management software remains unaffected. The company has notified law enforcement and hired cybersecurity experts to investigate the potential data breach. BlackCat has threatened to publish sensitive data unless negotiations are successful. It is speculated that the BlackCat group is a rebrand of the DarkSide/BlackMatter group responsible for the Colonial Pipeline attack.
– The BlackCat (ALPHV) ransomware gang has claimed responsibility for breaching the network of healthcare giant Henry Schein. They state that they have stolen dozens of terabytes of data, including payroll data and shareholder information.
– Henry Schein, a healthcare solutions provider and Fortune 500 company, disclosed on October 15 that it experienced a cyberattack that impacted its manufacturing and distribution businesses, leading to the temporary disruption of some operations.
– While some business operations were disrupted, Henry Schein states that its Henry Schein One practice management software has not been affected.
– Henry Schein has notified law enforcement authorities and has hired external cybersecurity and forensics experts to investigate the potential data breach resulting from the attack.
– In a letter issued one week after the cyberattack disclosure, Henry Schein urged customers to place orders through their representatives or dedicated telesales phone numbers.
– The BlackCat/ALPHV ransomware group claims that they breached Henry Schein’s network and stole 35 TB of sensitive files. They also mention that ongoing negotiations failed, leading to the re-encryption of the company’s devices just as Henry Schein was restoring its systems.
– The group has threatened to publish a portion of Henry Schein’s internal payroll data and shareholder folders on their collections blog. They state that they will continue to release more data daily.
– Henry Schein’s entry on the BlackCat data leak site has been deleted, suggesting that negotiations may have restarted or a ransom may have been paid.
– The BlackCat ransomware operation, suspected to be a rebrand of the DarkSide/BlackMatter group, gained notoriety after infiltrating Colonial Pipeline in 2021. The FBI has linked the group to successful attacks on over 60 organizations worldwide.
– A spokesperson for Henry Schein was not available for comment at the time of contact.