Hacker forum post claims UnitedHealth paid $22 mln ransom in bid to recover data
WASHINGTON, March 4 (Reuters) – A post on a hacker forum popular with cybercriminals has claimed UnitedHealth Group (UNH.N) paid $22 million in a bid to recover access to data and systems encrypted by the “Blackcat” ransomware gang, according to two researchers.
Neither UnitedHealth nor the hackers involved have commented on the alleged ransom payment, but a cryptocurrency tracing firm partially corroborated the claim on Monday.
It is not uncommon for large companies that have been victimized by ransomware gangs to decide to pay the hackers to regain control of their networks, especially in instances where a significant disruption to customers and partners occurred.
The forum post, dated Sunday, said a partner of Blackcat was responsible for the intrusion into UnitedHealth. The message, allegedly from the partner, included a link showing that someone had moved about 350 bitcoins, now worth about $23 million as the value of the cryptocurrency rises, from one digital currency wallet to another.
The owner or owners of the respective wallets is not publicly available, but blockchain analysis firm TRM Labs said the destination of the funds was “associated with AlphV,” also known as Blackcat, noting it had seen that address used to collect ransom payments from other AlphV victims.
Reuters
