Hospital technology giant NextGen Healthcare said it is responding to a cyberattack after a notorious ransomware group added the company to its list of victims.
The multibillion-dollar healthcare giant produces electronic health record (EHR) software and practice management systems for hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada.
On Tuesday, hackers associated with the AlphV/BlackCat ransomware added the company to its list of victims alongside several other businesses.
A spokesperson for NextGen Healthcare said it is aware of the claim and explained that they have been working with cybersecurity experts to “investigate and remediate” the issue.
“We immediately contained the threat, secured our network, and have returned to normal operations,” the spokesperson said. “Our forensic review is ongoing and, to date, we have not uncovered any evidence of access to or exfiltration of client data. The privacy and security of our client information is of the utmost importance to us.”
AlphV/BlackCat continues to be one of the most commonly seen ransomware strains, accounting for more than 100 attacks since it emerged in 2021.
Several experts believe the ransomware is used by the same people who attacked Colonial Pipeline in 2021.
The criminal gang has existed in some form since 2012, according to researchers from Symantec, who said it began using the Carbanak malware to steal money from organizations in the banking, hospitality and retail sectors.
Three members of the group were arrested in 2018 before it evolved into a ransomware-as-a service (RaaS) operation around 2020.
It has repeatedly updated its ransomware operation since the headline-grabbing attack on Colonial Pipeline — in which it used the Darkside ransomware to cripple gas stations across the East Coast in May 2021.
Scrutiny from law enforcement forced the group to shelve the ransomware and create a new one named BlackMatter, which was used to target agricultural companies during harvest season in the fall of 2021.
AlphV/BlackCat has now been used in other high profile attacks on colleges and universities across the U.S. as well as businesses like Japanese video game giant Bandai Namco, toy production company Jakks Pacific, two German oil companies and Italian fashion brand Moncler.
The FBI said last year that the ransomware was the first to successfully use RUST, a programming language that many consider to be more secure than others.
“BlackCat-affiliated threat actors typically request ransom payments of several million dollars in Bitcoin and Monero but have accepted ransom payments below the initial ransom demand amount,” the FBI said.
“Many of the developers and money launderers for BlackCat/ALPHV are linked to Darkside/Blackmatter, indicating they have extensive networks and experience with ransomware operations.”
A representative of the group spoke to The Record in February 2022, claiming that most of the major ransomware groups are somewhat connected because of how they operate.
Read More: news.google.com
Bitcoin 
Ethereum 
Tether 
BNB 
USD Coin 
XRP 
Binance USD 
Cardano 
Dogecoin 
Polygon 
OKB 
Solana 
Lido Staked Ether 
Polkadot 
Shiba Inu 
Litecoin 
Avalanche 
TRON 
Uniswap 
Dai 
Cosmos Hub 
Wrapped Bitcoin 
Chainlink 
Toncoin 
Ethereum Classic 
Monero 
LEO Token 
Aptos 
Bitcoin Cash 
Stellar 
ApeCoin 
Quant 
Filecoin 
NEAR Protocol 
Cronos 
Lido DAO 
Algorand 
Hedera 
VeChain 
Fantom 
Internet Computer 
Decentraland 
Axie Infinity 
Aave 
The Sandbox 
Flow 
EOS 
MultiversX 
Theta Network 
Terra Luna Classic