How ALPHV destroyed Henry Schein's business: shocking details of three encryptions and hopeless negotiations

Brother

The company's bad decisions gave the attackers absolute power over the victim's systems.

The ALPHV / BlackCat group has announced plans to encrypt Henry Schein's systems for the third time. The move is part of the group's pressure on the company to end negotiations after a massive cyberattack in October. The ongoing negotiations with the hackers are deteriorating, and the group accuses the company of a lack of professionalism.

Henry Schein, one of the world's leading distributors of healthcare products and services, has had difficulty restoring business operations after the attack. On October 15, the company announced that it had been forced to disable some systems to contain the cyberattack. The shutdown led to failures in the production and distribution departments.

The events are unfolding like a real saga, and Henry Schein appears to be at a disadvantage. ALPHV / BlackCat posted a lengthy message on its website criticizing Henry Schein for a number of problems, including strategic mistakes, insufficient communication, and questionable decision-making.


Post on the BlackCat website

In the message, the group declares the "next level of attack" and divides it into three parts: a description of what happened, Henry Schein's data security issues, and future plans. In addition, the group provided some sort of "lessons" learned from these events for the company's cybersecurity team and negotiators.

"Coveware, Stroz Friedberg, AVASEK, Proskauer, Clearly and others have realized that they should not be overconfident when working with ALPHV. Their strategies turned out to be harmful, as a result of which the respected company suffered operating losses totaling more than $500 million in 2 months," the extortionists said.

The message is accompanied by samples from the 35 TB of confidential information that BlackCat claims to have extracted from Henry Schein's servers. The data includes confidential employee emails, passport data, customer personal data, and vendor bank accounts.

The group also published a copy of the Stroz Friedberg report, which indicates the possibility of unlimited BlackCat access to the company's systems.


Stroz Friedberg Report

The first attack was disclosed on October 15, when the company shut down some systems to prevent the malware from spreading further. On November 13, the company confirmed that the attackers had gained access to confidential information such as bank account and credit card details. Most likely, other valuable information was also leaked. On November 22, the company announced that some of its apps and its e-commerce platform had again been disabled as a result of a new attack, for which the BlackCat group is also responsible.
 