November 27, 2023 at 10:24AM
Healthcare solutions company Henry Schein is in the process of restoring its systems after a ransomware group re-encrypted files during negotiations. The group, known as Alphv and BlackCat, claimed responsibility for the attack, saying they encrypted files and stole sensitive data. Henry Schein confirmed a data breach and potential theft of customer and supplier information. The company’s applications were temporarily unavailable due to actions by the threat actor, but disruptions are expected to be short term. Negotiations may have resumed, indicated by Henry Schein no longer being listed on the BlackCat leak website.
Key Takeaways from Meeting Notes:
1. Henry Schein, a healthcare solutions giant, experienced a cyberattack on October 15, causing disruption to its manufacturing and distribution businesses.
2. The ransomware group known as Alphv and BlackCat claimed responsibility for the attack, stating that they encrypted files on Henry Schein’s systems and stole 35 Tb of sensitive data.
3. A data breach occurred, and customer and supplier information, including personal information, bank account numbers, and payment card numbers, may have been compromised.
4. Negotiations with the cybercrime group initially stalled, leading them to re-encrypt files just as the company was nearly finished restoring systems.
5. As a result of actions by the threat actor, Henry Schein’s applications, including its ecommerce platform, became unavailable. However, disruptions are expected to be short term, and systems should be restored shortly.
6. At present, Henry Schein is no longer listed on the BlackCat leak website, indicating that negotiations may have resumed, potentially suggesting that a ransom was paid.
7. Henry Schein, headquartered in Melville, New York, offers business, clinical, supply chain, and technology solutions to dental and medical organizations. The company has over 23,000 employees and serves more than one million customers worldwide.
8. The meeting notes include related information about cyberattacks on healthcare organizations, a medical company fined for a data breach by the New York Attorney General, and a critical vulnerability in Mirth Connect that could expose sensitive healthcare data.