Hackers behind UnitedHealth Group cyberattack reportedly identified

Change Healthcare hit with cyberattack last week

Hackers that allegedly caused the UnitedHealth Group cyberattack reportedly posted on the dark web that they stole personal data and the records of "millions" of patients.

In a now-deleted post, the Blackcat ransomware group – also known as ALPHV or Noberus – said it stole several terabytes of data from UnitedHealth, which includes medical insurance and health data, Reuters reported, citing screenshots of the post.

The group has been behind several other ransomware attacks. 

PHARMACIES SCRAMBLE TO SERVE SICK CUSTOMERS AS 'NATION-STATE' BLAMED FOR ONGOING CYBERATTACK OUTAGE

The group said it stole information from the company's partners, including Medicare, the U.S. military medical health agency Tricare and CVS Health.

FOX Business hasn't been able to independently verify these claims.

Change Healthcare, a company that handles orders and patient payments throughout the U.S., noticed a "cybersecurity issue" affecting its networks on the East Coast last week. Change Healthcare did not respond to FOX Business' request for comment on Thursday.

UnitedHealthcare

The Blackcat ransomware group says it stole several terabytes of data from UnitedHealth. (Michael Nagle / Bloomberg / Getty Images)

The incident led to some disruptions – including the ability to process patients' orders – at some smaller pharmacies as well as some larger companies.

"The fallout is only starting to happen now," ReasonLabs Chief Technology Officer Andrew Newman told FOX Business. He imagines "it will get worse for consumers" depending on how the data is used.

PHARMACIES NATIONWIDE FACE DELAYS AS HEALTH CARE TECH COMPANY REPORTS CYBERATTACK 

"We know that the likely destination for this data is the dark web, where Blackcat will auction it all off to the highest bidder," Newman said. "From there, consumers could expect to suffer from things like identity theft, credit score downgrades and more."

Ticker Security Last Change Change %
UNH UNITEDHEALTH GROUP INC. 597.26 -3.52 -0.59%

If everything this group said is true, Newman said that "it’s slightly concerning that UHG has not been forthcoming or transparent about the full extent of the hack."

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Change Healthcare disclosed on its website last week that after it detected the issue it "took immediate action to disconnect our systems to prevent further impact." 

The company also said it believes that "the issue is specific to Change Healthcare and all other systems across UnitedHealth Group are operational."

UnitedHealth declined further comment.

A spokesperson for Walgreens previously told FOX Business that its pharmacy operations and the "vast majority" of its prescriptions were not affected. A spokesperson for CVS told Fox Business the company is aware of the outages but that there is "no indication that CVS Health's systems have been compromised."

FOX Business' Greg Norman and Timothy Nerozzi contributed to this report.