US Announces $10M Reward For Information On Change Healthcare Attackers

The State Department says it’s trying to track down the hackers at the Alphv/Blackcat ransomware group that claimed responsibility for the highly disruptive attack.

The U.S. State Department announced Wednesday it is offering a $10 million reward for information leading to the hackers who carried out the highly disruptive attack against prescription processor Change Healthcare.

The department is trying to track down the individuals within the Blackcat ransomware group, also known as Alphv, that claimed responsibility for the attack that crippled certain IT systems for Change Healthcare for several weeks. Change Healthcare is a unit of UnitedHealth Group’s Optum subsidiary.

CRN has reached out to UnitedHealth for comment.

[Related: Change Healthcare Breach: UnitedHealth Provides Up To $2B In Provider Aid, Medical Claims Software Coming]

Through its Rewards for Justice program, the State Department said it is “offering a reward of up to $10 million for information leading to the identification or location” of the hackers behind the Change Healthcare incident.

“The ALPHV BlackCat ransomware-as-a-service group compromised computer networks of critical infrastructure sectors in the United States and worldwide, deploying ransomware on the targeted systems, disabling security features within the victim’s network, stealing sensitive confidential information, demanding payment to restore access, and threatening to publicize the stolen data if victims do not pay a ransom,” the State Department said in its announcement.

The reward offer comes amid growing federal scrutiny over the Change Healthcare attack.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently expressed concerns about UnitedHealth’s transparency over the incident and a top U.S. lawmaker is seeking answers about the issues raised by the cybersecurity agency, according to a letter from U.S. Rep. Jamie Raskin this week.

In the letter addressed to UnitedHealth CEO Andrew Witty, Raskin wrote that CISA criticized the insurance giant’s transparency during a briefing to the House Committee on Oversight and Accountability earlier this month.

In a statement Tuesday, UnitedHealth said it is “committed to working with Congress and industry leaders to address cybersecurity to ensure the protection and resiliency of our health care system.”

The probe follows the launch of an investigation into the breach earlier this month by the Department of Health and Human Services. Through its Office for Civil Rights, the department said it is investigating the incident to determine if health data protected under federal law was stolen.

UnitedHealth disclosed the attack against Change Healthcare on Feb. 22, and disruptions from the incident were widely felt for weeks around the U.S. health-care system. The attack has reportedly prevented many U.S.-based pharmacies and hospitals, as well as other health-care facilities and offices, from processing claims and receiving payments.

UnitedHealth Group disclosed March 18 that it has advanced more than $2 billion “through multiple initiatives” to care providers with finances disrupted by the attack and has software coming for medical claims preparation. A spokesperson said Tuesday that the assistance program is now nearing the $3 billion mark.