• Another major US healthcare organization has been hacked, with po

    From TechnologyDaily@1337:1/100 to All on Thursday, November 14, 2024 17:15:05
    Another major US healthcare organization has been hacked, with potentially major consequences

    Date:
    Thu, 14 Nov 2024 17:09:00 +0000

    Description:
    American Associated Pharmacies has not yet confirmed the attack, but the hackers claim it paid up.

    FULL STORY ======================================================================American
    Associated Pharmacies allegedly fell prey to a ransomware attack The attackers are saying the company paid for the decryptor The group is asking for more money, to keep the stolen files private

    American Associated Pharmacies (AAP) is joining the ever-growing list of American healthcare organizations to have suffered a ransomware attack.

    Following the likes of Change Healthcare, Henry Schein, CommonSpirit, and
    many others, AAP appaears to have suffered the classic double whammy - having its sensitive data stolen, and its systems encrypted.

    A report from The Register claims the company is yet to make an official statement regarding the attack, having only force-reset passwords for all of its users, and notify them of the change. Say hi to Embargo

    "All user passwords associated with both APIRx.com and RxAAP.com have been reset, so existing credentials will no longer be valid to access the sites," the company said in a short announcement. "Please click 'forgot password' on the log in screen and follow the prompts accordingly to reset your password."

    At the same time, the group that assumed responsibility for the attack is called Embargo. You can be excused for not hearing about them, as theyre a relatively new group. ESET seems to be the first to spot the new actor, when it used endpoint detection and response (EDR) killing tools to drop its payload, last June. It also observed the group using a Rust-based ransomware kit.

    New or not, Embargo claims to have stolen almost 1.5TB of sensitive data. It also claims that AAP paid $1.3 million to have its systems restored, and that it needs to pay an additional $1.3 million to keep the stolen files off the dark web.

    We dont know what kinds of documents Embargo stole from the company, but if the Change Healthcare attack was any indication, they could be highly classified information whose leak could lead to class-action lawsuits and regulatory pressure.

    We have reached out to AAP with additional questions and will report if we hear anything back. You might also like United Health confirms largest ever
    US healthcare data breach, says 100 million users had info stolen Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/another-major-us-healthcare-organizatio n-has-been-hacked-with-potentially-major-consequences


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)