Cyber Crime
UnitedHealth paid $22 Million to recover data after Ransomware Attack?
A post on a cybercriminal forum claims UnitedHealth Group paid $22 million to regain access to data and systems encrypted by the Blackcat ransomware gang, according to researchers. While neither UnitedHealth nor Blackcat have commented, a cryptocurrency tracing firm partially corroborates the claim.
Ransomware attacks often lead to companies paying hackers to regain control of their networks, especially when significant disruptions occur. The forum post, dated Sunday, alleges a Blackcat partner was responsible for the breach. The post included a link showing a transfer of approximately 350 bitcoins, currently valued at $23 million, from one digital wallet to another.
ALSO READ: International Cybercrime Ring Busted: Pig Butchering, Cyber Slavery, Stock & Passport Fraud Uncovered
While the wallet owners are unknown, blockchain analysis firm TRM Labs identified the receiving address as “associated with AlphV,” also known as Blackcat. They further noted this address has been used for ransom payments from other Blackcat victims.
When questioned about the ransom payment, UnitedHealth only stated they are “focused on the investigation and the recovery.” Blackcat has not responded to inquiries from Reuters.
The break-in at UnitedHealth’s Change Healthcare unit has significantly impacted the U.S. healthcare system. Blackcat initially claimed to have stolen millions of sensitive records, but later deleted the post without explanation.
Meanwhile, disruption continues as Change Healthcare’s billing services remain unavailable. The American Medical Association recently appealed to the Biden administration for emergency funds to support affected physicians.