Incident Report

Henry Schein Victim of Healthcare Attack

By Access Point Consulting

Overview

On October 15, 2023, healthcare giant Henry Schein fell victim to a cyberattack by the BlackCat (ALPHV) ransomware gang that compromised the organization's network. The attack forced the company to take precautionary measures, resulting in temporary disruptions to its manufacturing and distribution businesses. Henry Schein, a Fortune 500 company with operations in 32 countries and revenue exceeding $12 billion in 2022, promptly notified law enforcement authorities and engaged external cybersecurity experts to investigate a potential data breach. The specific attack method has not yet been disclosed. Initial signs of the incident were detected on October 14, 2023.

The attack significantly affected Henry Schein's operations, particularly in its manufacturing and distribution businesses. While the Henry Schein One practice management software remained unaffected, sensitive data, including payroll information and shareholder data, were compromised. The attackers claimed to have stolen 35 terabytes of data.

Response and Recovery

The company took swift action to contain the ransomware by taking certain systems offline and implementing other precautionary measures.

Henry Schein's incident response plan was activated and proved useful in containing the incident. The company promptly notified stakeholders, including law enforcement authorities, about the attack.
The company has not disclosed whether negotiations with the attackers were pursued or whether any ransom was paid. Henry Schein is actively working to restore affected systems and data. The expected downtime and impact on business operations have not been specified.

Recommendations

Executives should prioritize cybersecurity measures to prevent future incidents, including regular security assessments and employee training. Organizations should implement and regularly test incident response plans to ensure an effective and swift response in case of a breach. To strengthen security measures and prevent future ransomware attacks, Access Point recommends that organizations commit to a comprehensive security overhaul, including but not limited to regular security audits, employee training, and robust access controls. The lessons learned from this incident should inform future security practices, emphasizing the importance of proactive cybersecurity measures.

The breach by the BlackCat (ALPHV) ransomware gang had a significant impact on Henry Schein's operations and resulted in the compromise of sensitive data. The company's response was prompt and effective, but there is a need for ongoing efforts to strengthen security measures and prevent future incidents. Regular assessments, employee training, and a robust incident response plan will be crucial in safeguarding the organization against future cyber threats.
