November 27, 2023 at 02:50PM
Healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, following a breach in October. The company has restored its U.S. e-commerce platform and expects the platforms in Canada and Europe to be back online soon. The BlackCat gang claims to have stolen 35 terabytes of sensitive data and threatens to release more daily. The group is believed to be a rebrand of DarkSide/BlackMatter, previously known for attacking Colonial Pipeline. The FBI has connected the group to over 60 breaches between November 2021 and March 2022. Henry Schein has not commented on the attacks.
From the meeting notes, we can gather the following key takeaways:
1. Henry Schein, a major healthcare company, has experienced multiple cyberattacks by the BlackCat/ALPHV ransomware gang. The first attack occurred in October, and a second one happened in November.
2. As a result of the cyberattacks, certain Henry Schein applications, including their e-commerce platform, were temporarily taken down. However, the company has restored its U.S. e-commerce platform and expects Canada and Europe platforms to be back online shortly.
3. Henry Schein has been receiving orders through alternative channels and is still shipping to its customers in the impacted areas.
4. The BlackCat ransomware gang claims to have breached Henry Schein’s network and stolen 35 terabytes of sensitive data. These threat actors re-encrypted the company’s devices after negotiations failed.
5. BlackCat has been linked to the DarkSide/BlackMatter gang, known for their high-profile attack on Colonial Pipeline. The FBI has connected BlackCat to over 60 breaches globally between November 2021 and March 2022.
6. Henry Schein has not yet responded to requests for comment regarding the cyberattacks disclosed this month.
These takeaways provide an overview of the cyberattacks faced by Henry Schein and the actions taken to address the situation.