police

On March, 1 2024, Change Healthcare paid a 350BTC ($22 million dollars) ransom to the BlackCat/ALPHV group who held ~6 terabytes of sensitive patient data

The group accessed the information by leveraging compromised credentials on Citrix (remote access software) which did not have MFA set up

After the ransom payment, ALPHV allegedly exit scammed and took the money

On April 15, RansomHub, another RaaS, started leaking Change Healthcare files and tried to extort the company again

There are several lawsuits from the breach of sensitive data, but I doubt they will go far

Change Healthcare offers various services including billing, claim, payment processing, data exchange, workflow, appointments, and various pharmacy solutions

Their systems were down for over a week and had to completely rebuild their infrastructure

Initial damages are between $900m - $2billion in the first quarter

1st quarter revenue was $100 billion, at worst a mere 2%

Here is the BTC transaction hash ID:

9467a41c9c966b0ff990b8b8753dd44f60d7e20ed299c15f77695c40f3df5d27