
Henry Schein, a healthcare tech and product distribution business, finalized a lengthy inquiry into the devastating 2023 ransomware attack, revealing its massive scope.
Some of the investigations’ details were revealed in a breach notification letter Henry Schein sent to people affected by the attack. According to the company, on October 14th, 2023, a “portion of its manufacturing and distribution businesses” suffered an attack that disrupted its operations.
The incursion was carried out by the now-defunct ALPHV/BlackCat ransomware cartel, a once prominent Russia-linked cyber gang whose damages ballooned to tens of millions of dollars worldwide.
During the widely publicized attack, cybercrooks claimed that they’d stolen copious amounts of data from the company—a whopping 35 TB in total, including sensitive details such as patient medical histories and treatment and insurance details.
In late December 2023, Henry Schein said that nearly 30,000 individuals were impacted by the attack. However, recent data that the company submitted to the Maine Attorney General shows the breach was far more damaging.
The investigation, which Henry Schein claims “required substantial time and resources,” revealed that over 166,000 individuals were exposed in the attack, 5.5 times more than initial calculations said.
Interestingly, the recent notification excludes the type of user data that was exposed. However, the company’s previous letter to impacted victims, sent in late 2023, said attackers got their hands on the company’s employees’ details, such as:
- Names
- Addresses
- Phone numbers
- Photographs
- Dates of birth
- Demographic and background information
- Government-issued ID numbers (e.g., Social Security numbers, driver’s licenses or state identification numbers, passport numbers)
- Financial information (e.g., bank account information, credit card number, loans)
- Medical history
- Treatment and insurance information
- Details of employment at the Company (e.g., job title, compensation),
- IP addresses
It’s unclear if the revised number of victims includes the 30,000 from last year or if the exposed data is the same. We have contacted Henry Schein for clarification and will update the article once we receive a reply.
The attack severely impacted the company’s performance. Its second-quarter revenue came in at $3.14 billion, while analysts estimated a $3.27 billion revenue, Reuters reported. The company has also cut its annual profit forecast.
“We are experiencing improving sales trends in our distribution businesses. However, the pace of recovery in these businesses since the cyber incident late last year has been slower than anticipated,” CEO Stanley Bergman said in August.
New York-based Henry Schein is a major distributor of healthcare products and services, operating in over 30 countries. Last year, the company’s revenue exceeded $12 billion.
Meanwhile, ALPHV/BlackCat ransomware was first observed in 2021. The Russian-affiliated gang carried hundreds of attacks with more than 200 victims in the first half of 2023 alone. However, the cybercartel disbanded in March 2024 after the devastating attack on Change Healthcare.
Your email address will not be published. Required fields are markedmarked