Key Points:
- Change Healthcare experienced another significant cyber attack shortly after a major ransomware attack earlier in the year, causing disruptions to prescription services across the United States.
- The recent attack was carried out by a relatively new threat actor called RansomHub, distinct from the previous attack orchestrated by the ALPHV/BlackCat threat collective.
- RansomHub claims to have stolen 4TB of sensitive data from Change Healthcare’s network. This includes personally identifiable information (PII) of active US service members and other patients, medical records, insurance records, payment information, and over 3,000 source code files for Change Healthcare solutions.