Henry Schein, a healthcare solutions company, revealed they suffered a cyberattack on October 15. Two weeks later, the ransomware group Alphv/BlackCat took credit for the hack and threatened to re-encrypt files after negotiations with Henry Schein stalled. Last week, the company confirmed that its applications are again down due to the cybercrime group’s activity.
- BlackCat initially claimed that they stole over 35 terabytes of sensitive data. An internal investigation from Henry Schein confirmed that the attackers exfiltrated customer and supplier personal information, bank account numbers, and other financial details. The company serves over one million customers globally.
- Just before BlackCat re-encrypted Henry Schein’s files, the company had nearly restored its systems. On November 22, the company confirmed that its applications and e-commerce platform were once again down. On November 26, the company stated that the disruption would likely be short-term. BlackCat also recently removed Henry Schein from their leak website, possibly indicating negotiations resumed following the re-encryption.