Today: April 22, 2024
Today: April 22, 2024

Hacker forum post claims UnitedHealth paid $22 million ransom in bid to recover data

Share This
LA Post: Hacker forum post claims UnitedHealth paid $22 million ransom in bid to recover data
Reuters
Raphael Satter
March 04, 2024

By Raphael Satter

WASHINGTON (Reuters) - A post on a hacker forum popular with cybercriminals has claimed UnitedHealth Group paid $22 million in a bid to recover access to data and systems encrypted by the "Blackcat" ransomware gang, according to two researchers.

Neither UnitedHealth nor the hackers involved have commented on the alleged ransom payment, but a cryptocurrency tracing firm partially corroborated the claim on Monday.

It is not uncommon for large companies that have been victimized by ransomware gangs to decide to pay the hackers to regain control of their networks, especially in instances where a significant disruption to customers and partners occurred.

The forum post, dated Sunday, said a partner of Blackcat was responsible for the intrusion into UnitedHealth. The message, allegedly from the partner, included a link showing that someone had moved about 350 bitcoins, now worth about $23 million as the value of the cryptocurrency rises, from one digital currency wallet to another.

The owner or owners of the respective wallets is not publicly available, but blockchain analysis firm TRM Labs said the destination of the funds was "associated with AlphV," also known as Blackcat, noting it had seen that address used to collect ransom payments from other AlphV victims.

Asked whether it had paid the ransom, UnitedHealth said only that it was "focused on the investigation and the recovery."

Blackcat has not responded to repeated messages from Reuters sent over several days. Reuters could not immediately determine how to reach the purported partner hacker group or to access the cybercrime forum where the post was made, although it was able to view screenshots taken independently by two researchers, including Recorded Future's Dmitry Smilyanets.

The break-in at UnitedHealth's Change Healthcare unit, which has sparked disruption across the United States, has been the object of online intrigue. Blackcat claimed last week that it had stolen millions of sensitive records in the hack, only to quickly delete its post without explanation.

Meanwhile, the pain has continued to spread across the U.S. medical system as Change Healthcare's billing services remain paralyzed. The American Medical Association on Monday asked the Biden administration to make emergency funds available to physicians hurt by the outage.

(Reporting by Raphael Satter and Zeba Siddiqui; Editing by Jamie Freed)

Popular

Olympic champion Jepchirchir wins women's race at London Marathon

Olympic champion Peres Jepchirchir of Kenya pulled away late to win the London Marathon women’s race on Sunday and cement her status as the favorite to defend her gold in Paris

15 people suffer minor injuries in tram accident at Universal Studios theme park in Los Angeles

A tram accident at the Universal Studios Hollywood theme park in Los Angeles has injured 15 people

Ryan Garcia knocks Devin Haney down 3 times and hands his amateur rival his first pro loss

Ryan Garcia knocked Devin Haney down three times and handed the WBC super lightweight champion his first loss, winning the fight by majority decision but not the title because he was over the weight limit

Things to know about the NBA playoffs, which start Saturday

The Boston Celtics had almost no trouble at all with the 14 teams that didn’t make the playoffs this season, going 35-4 against those squads

Related

US commerce secretary downplays chip in advanced Huawei phone

Morning bid: Fragile FX, tech swoon cloud sentiment

Conservative Brazilians laud Elon Musk at rally in support of ex-president Bolsonaro

Tens of thousands of Colombians protest against the leftist president's reform agenda

- Advertisement -
Advertisement: Limited Time Offer