Health Law Highlights

Health Care Giant Comes Clean About Recent Hack and Paid Ransom

Summary of article from Ars Technica, by Dan Goodin:

Change Healthcare, a US health care services provider, was attacked by ransomware group ALPHV or BlackCat, disrupting the US prescription market for two weeks. The breach occurred due to a compromised account that lacked multifactor authentication (MFA), allowing hackers to access and exfiltrate data. The company paid a ransom of $22 million to ALPHV and spent two weeks rebuilding its IT infrastructure. The attack resulted in a cost of $872 million in the first quarter, leading to accelerated payments and no-interest, no-fee loans of over $6.5 billion to affected providers. Currently, the company’s payment processing is at 86% of its pre-incident levels.