Article Details
Scrape Timestamp (UTC): 2024-10-24 21:42:56.099
Original Article Text
Click to Toggle View
Henry Schein discloses data breach a year after ransomware attack. Henry Schein has finally disclosed a data breach following at least two back-to-back cyberattacks in 2023 by the BlackCat Ransomware gang, revealing that over 160,000 people had their personal information stolen. Henry Schein is a healthcare solutions provider and a Fortune 500 company with operations and affiliates in 32 countries and revenue of over $12 billion in 2022. On October 15, the company disclosed that it was forced to take some systems offline to contain a cyberattack that impacted manufacturing and distribution operations. While Henry Schein did not disclose the nature of the attack, the BlackCat (ALPHV) ransomware gang claimed responsibility, stating that they stole 35 TB of sensitive files. Almost a month later, on November 22, the company once again disclosed that it suffered another attack, again by the now shut down BlackCat ransomware gang. The ransomware gang claimed to have encrypted Henry Schein's network a second time after negotiations failed and threatened to encrypt it a third time if a ransom was not paid. While it is unknown if the threat actors followed through with another attack, they released some of the data stolen from Henry Schein on their data leak site. Now, over a year later, Schein has confirmed in a data breach notification to the Maine Attorney General that the ransomware gang stole the personal data of 166,432 people during these attacks. "Following the incident, the Company worked with an outside expert firm to review potentially affected files in order to identify information that was obtained by the unauthorized third-party as part of the incident," reads Henry Schein's data breach notification. "This review required substantial time and resources and progressed during the first half of 2024." "The investigation recently determined that your personal information was affected as part of the incident, including your [Extra2]. It is possible that other sensitive information about you was also impacted, which may depend on what information was previously provided to the Company about you." BleepingComputer contacted Henry Schein to ask what type of data was stolen in the attack but did not receive a response. The company is now offering impacted users a free 24-month membership to Experian's IdentityWorksSM to help monitor credit history and detect signs of fraud.
Daily Brief Summary
Henry Schein, a prominent healthcare solutions provider, disclosed a significant data breach affecting 166,432 individuals.
The breach occurred following two consecutive cyberattacks in 2023 by the defunct BlackCat Ransomware gang.
The initial attack on October 15 led to the shutdown of certain systems to mitigate damage, influencing the company's manufacturing and distribution.
BlackCat claimed responsibility, stating they stole 35 TB of sensitive data and encrypted Henry Schein's network.
A second attack occurred in November when ransom negotiations failed; the gang threatened further encryptions and released some stolen data.
The company undertook an extensive review with external experts throughout the first half of 2024 to identify the compromised information.
The available remedies for affected individuals include a two-year free subscription to Experian's IdentityWorksSM for monitoring potential fraud.
The specifics of the stolen data remain unclear as the company has not provided detailed information on what personal information was compromised.