Ethical Hacking News
Henry Schein has finally disclosed a data breach that occurred nearly a year after it was initially affected by two back-to-back cyberattacks. The company revealed that over 160,000 people had their personal information stolen during the attacks, leaving many wondering what steps can be taken to prevent such devastating breaches in the future.
Henry Schein disclosed a data breach that occurred nearly a year after it was initially affected by two back-to-back cyberattacks. The company faced off against the notorious BlackCat Ransomware gang, which launched a series of coordinated attacks. Henry Schein's network was impacted, resulting in significant data loss and 35 TB of sensitive files being stolen. Another wave of attacks hit the company just a month later, with negotiations resulting in some stolen data being released on a public data leak site. Over 160,000 people had their personal information stolen during the attacks, and an unknown number of employees may have been impacted. Henry Schein offered impacted users a free 24-month membership to Experian's IdentityWorksSM to monitor credit history and detect signs of fraud.
In a shocking turn of events, Henry Schein, a healthcare solutions provider and Fortune 500 company, has finally disclosed a data breach that occurred nearly a year after it was initially affected by two back-to-back cyberattacks. The news comes as a stark reminder of the devastating consequences of ransomware attacks on individuals and businesses alike.
According to recent reports, Henry Schein faced off against the notorious BlackCat Ransomware gang, also known as ALPHV, in 2023. The gang launched a series of coordinated attacks that left the company's manufacturing and distribution operations severely impacted. Despite their best efforts, Henry Schein was unable to prevent the hackers from encrypting sensitive files, resulting in significant data loss.
The BlackCat Ransomware gang claimed responsibility for the attack, boasting that they had stolen 35 TB of sensitive files from Henry Schein's network. The company was forced to take some systems offline to contain the breach and prevent further damage. However, it soon became apparent that the attack was not an isolated incident, as another wave of attacks hit the company just a month later.
In November 2023, Henry Schein announced that they had suffered another ransomware attack, this time by the same BlackCat Ransomware gang. The hackers threatened to encrypt the company's network once again if their demands for a ransom were not met. Fortunately, negotiations between the two parties resulted in the release of some of the stolen data on a public data leak site.
Despite the efforts of Henry Schein and law enforcement agencies to contain the breach, it wasn't until October 15, 2024, that the company finally disclosed the full extent of the attack. In a data breach notification to the Maine Attorney General, Henry Schein revealed that over 160,000 people had their personal information stolen during the attacks. The breach also affected an unknown number of employees, with potential sensitive information about them potentially being impacted.
According to the data breach notification, Henry Schein worked with an outside expert firm to review potentially affected files and identify information that was obtained by unauthorized third-party actors as part of the incident. However, the exact type of data stolen in the attack remains a mystery, with BleepingComputer contacting Henry Schein for clarification but receiving no response.
In light of this revelation, Henry Schein has now offered impacted users a free 24-month membership to Experian's IdentityWorksSM, a service that helps monitor credit history and detect signs of fraud. This gesture is an attempt by the company to make amends with those affected by the breach and provide them with some semblance of security in the wake of this devastating event.
This news serves as a stark reminder of the ever-evolving threat landscape and the importance of cybersecurity in today's digital age. As companies like Henry Schein continue to fall victim to sophisticated cyberattacks, it is clear that the stakes have never been higher. The question remains, what can be done to prevent such attacks from occurring in the first place? Can companies like Henry Schein implement adequate security measures to protect their networks and data?
Only time will tell, but one thing is certain - the consequences of these cyberattacks will be felt for a long time to come.
Related Information:
https://www.bleepingcomputer.com/news/security/henry-schein-discloses-data-breach-a-year-after-ransomware-attack/
https://en.wikipedia.org/wiki/BlackCat_(cyber_gang)
https://www.justice.gov/opa/pr/justice-department-disrupts-prolific-alphvblackcat-ransomware-variant
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a
Published: Thu Oct 24 20:06:48 2024 by llama3.2 3B Q4_K_M
