DailyPost 2884
CHANGE HEALTHCARE THOROUGHLY HACKED!
The more we change the less we do. Nothing much has changed. This is precisely the case in cyber security, even in an age where the truism is ‘Getting hacked is the new normal’. Simultaneously, the battle for reclaiming personally identifiable information, PII, is raging. There are quite a few countries where strong data protection laws are already in place. Still, enterprises dealing with endless quantities of data, not only PII but also personally critical data, are dealing with cyber security in the most cavalier manner. The enterprises with their broken cyber security systems still have a good night’s sleep, taking our already accepted digital scare to digital fear psychosis.
The enterprise in question has testified that it was using a single set password on a user account and that the account was not protected with multi-factor authentication. What a terrible state of affairs. The company we are talking about is Change Healthcare of the US, hacked early this year. For the uninitiated, this company processes billing and insurance for thousands of hospitals, pharmacies and medical practices across the US healthcare system. The ransomware attacks happened in February 2024 and the enterprise is yet to get out of it or reach anywhere near closure.
Change Healthcare collects and stores vast amounts of highly sensitive medical data on patients. Through a series of mergers and acquisitions, Change has become one of the largest processors of medical data. It broadly handles between one-third and one-half of all US health transactions. The data breach is likely to have impacted more than 100 million people, at least. The medical data (PII) in control of the ransomware gang is on a roller coaster ride. The outage on 21st February 2024 was sudden. The billing system stopped functioning. The company confirmed it was “experiencing a network interruption related to a cyber security issue.”
The hack was first attributed to hackers working for a nation state. Later it turned out to be a ransomware gang called ALPHV/Black Cat. A dark leak site connected to ALPHV also took credit for the attack. This changed the motive and likely strategy for a proactive investigation. Financial motive was the key to understanding this hack. Change Healthcare paid $22 million as ransom. After extorting the ransom, the gang did the vanishing act. In place of the gang’s leak site appeared a seizure notice claiming that UK and US law enforcement took down the gang’s site. “All signs pointed to ALPHV running off with a ransom and pulling an exit scam”. Lots to unfold.
ARE DATA PROTECTION LAWS PAPER TIGERS?
Sanjay Sahay
Have a nice evening.