Topics
Latest
AI
Amazon
Image Credits:Tiffany Hagler-Geard / Bloomberg / Getty Images
Apps
Biotech & Health
Climate
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
fund-raise
Gadgets
Gaming
Government & Policy
Hardware
layoff
Media & Entertainment
Meta
Microsoft
secrecy
Robotics
surety
Social
outer space
Startups
TikTok
transportation system
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
video recording
Partner Content
TechCrunch Brand Studio
Crunchboard
reach Us
An extortion group has published a portion of what it says are the private and sensitive patient records on millions of Americans stolen during the ransomware attack on Change Healthcare in February .
On Monday , a new ransomware and extortion bunch that promise itself RansomHub published several files on its dark vane wetting site turn back personal data about patient role across different written document , including billing files , insurance policy record and aesculapian information .
Some of the files , which TechCrunch has seen , also contain contract and agreements between Change Healthcare and its partners .
RansomHub threatened to sell the information to the highest bidder unless Change Healthcare pays a ransom money .
It ’s the first clip that cybercriminals have publish evidence that they have in their possession medical and patient records from the cyberattack .
For Change Healthcare , there ’s another ramification : This is the second chemical group to demand a ransom defrayment to prevent the release of steal patient role information in as many month .
UnitedHealth Group , the parent fellowship of Change Healthcare , allege there was no grounds of a new cyber incident . “ We are bring with law enforcement and outside experts to look into claims brand online to understand the extent of potentially impacted data point . Our investigating remains active and on-going , ” say Tyler Mason , a interpreter for UnitedHealth Group .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
What ’s more likely is that a dispute between members and affiliates of the ransomware gang left the stolen data in limbo and Change Healthcare exposed to further extortion .
A Russia - based ransomware gang called ALPHVtook citation for the Change Healthcare data theft . Then , in early March , ALPHV suddenly disappeared along with a $ 22 million ransom payment that Change Healthcare allegedly paid to prevent the public press release of patient data .
An ALPHV affiliate — essentially a contractor who pull in a commission on the cyberattacks they launch using the gang ’s malware — went public exact to have carried out the information theft at Change Healthcare , but that the independent ALPHV / BlackCat gang stiffed them out of their helping of the ransom payment and vanished with the bunch . The contractile organ enounce the millions of patient ’ datum was “ still with us . ”
Now , RansomHub say “ we have the data and not ALPHV . ” Wired , which firstreported the second group ’s extortioneffort on Friday , abduce RansomHub as enounce it was associated with the affiliate that still had the data .
UnitedHealth antecedently reject to say whether it paid the hackers ’ ransom , nor did it say how much data point was stolen in the cyberattack .
The healthcare giant said in a statement on March 27 that it prevail a dataset “ safe for us to entree and analyze , ” which the party obtain in interchange for the ransom payment , TechCrunch instruct from a source with cognition of the on-going incident . UHG said it was “ prioritize the review of data point that we believe would belike have health information , in person identifiable info , title and eligibility or financial information . ”
As the Change Healthcare outage drags on , fearfulness grow that patient data could disgorge online
