Ransomware Strikes Again: Change Healthcare Breached by ALPHV/BlackCat
Ransomware Strikes Again: Change Healthcare Breached by ALPHV/BlackCat
On February 12, 2024, Change Healthcare fell victim to a significant ransomware attack orchestrated by the ALPHV/BlackCat group. This breach was initiated due to inadequate remote access authentication, specifically the absence of multi-factor authentication (MFA), which allowed attackers to infiltrate sensitive systems. The breach led to a ransomware deployment on February 21, severely disrupting operations and exposing sensitive patient data involved in numerous healthcare claims managed across the U.S. The incident not only highlights vulnerabilities in healthcare cybersecurity but also emphasizes the dire consequences of neglecting essential security protocols like MFA. Organizations must reassess their security frameworks to safeguard against such breaches.
Also In Security Today
- Consulting Radiologists, Ltd. Targeted: Another attack occurred on Consulting Radiologists, Ltd., affecting over 100 Minnesota healthcare facilities. The breach disrupted communication systems, revealing critical vulnerabilities in medical infrastructure. Learn more.
- Critical Vulnerabilities on the Rise: February has seen a spike in high-risk vulnerabilities, including critical remote code execution flaws in Microsoft products and Fortinet's FortiOS. Organizations are urged to patch these vulnerabilities immediately to mitigate risks. Learn more.
- Healthcare Sector Cybersecurity Risks: The recent events underscore the escalating threats faced by the healthcare sector, necessitating a focus on securing medical data and infrastructure against evolving cyber threats.