BlackCat Ransomware Strikes Henry Schein Again, Causes Business Disruption
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
American healthcare giant, Henry Schein, disclosed that it was again restoring its systems after suffering a second cyberattack by the BlackCat/AlphV ransomware gang. Earlier, in October 2023, the gang breached its network, allegedly stealing 35TB of sensitive data.
On October 15, it first revealed the cybersecurity incident that had temporarily disrupted some of its business operations .
A few weeks after the announcement, the notorious BlackCat/AlphV ransomware gang took credit for the attack. In their post , they claimed to have re-encrypted Henry Schein’s system, while the latter was on verge of completely restoring it.
The stalled negotiations were blamed for the subsequent attacks. “Despite ongoing discussions with Henry’s team, we have not received any indication of their willingness to prioritize the security of their clients, partners, and employees, let alone protect their own network,” the post read.
The gang also threatened to release a portion of the stolen data related to internal payroll and shareholder folders, on its leak site.
Post this, the company in a letter to customers and suppliers warned about a possible data breach, wherein bank account numbers, credit card details and other sensitive information might have been compromised.
Following this, on November 22, Henry Schein again issued a public statement disclosing another BlackCat cyberattack . ‘’Certain Henry Schein applications, including its ecommerce platform, are currently unavailable. The Company continues to take orders using alternate means and continues to ship to its customers,” the statement said.
It also assured customers that it’s using alternative channels to book customer orders.
In a further update, Henry Schein revealed that its US ecommerce platform has resumed operations , and it’s expecting the Canada and Europe platforms to be online shortly.
Cybersecurity Incident Affects Fidelity National Financial Services
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
In a recent disclosure, Fidelity National Financial (FNF) revealed a cybersecurity breach that affected some of its systems.
The incident that resulted in service disruptions of certain FNF businesses, was reported in regulatory filings (Form 8-K) with the US Securities and Exchange Commission (SEC) on November 19, 2023. The affected services included, title insurance, escrow, mortgage transactions and technology to the real estate and mortgage industries.
However, the incident did not impact its majority-owned subsidiary, F&G Annuities & Life, provider of insurance solutions.
In the 8-K filing, FNF stated that it launched a third-party cybersecurity expert-assisted investigation, upon discovering the attack. In addition to notifying the concerned law authorities, it also temporarily blocked certain systems to contain the incursion.
Without going into details about the attack, FNF stated that the ongoing investigation revealed ‘’an unauthorized third party accessed certain systems and acquired specific credentials’’. It is further trying to determine the impact of the incident and assess its material impact on the company.
It also reiterated its commitment to resolving this incident and ensuring restoration of normal business operations quickly and safely.
Meanwhile, on November 22, the notorious ransomware gang, AlphV/ Black Cat claimed credit for the attack , adding the company to its leak site.
The threat actor did not clearly mention whether it had stolen any data from the targeted victim’s network. It claimed to reveal the information at a later date, if FNF refused to fulfill the ransom demands.
This incident comes close on the heels of the attack on Mr. Cooper Group , one of the largest mortgage service providers in the US. The attack had prompted the firm to temporarily lock down its systems, disrupting its mortgage payment services.
