blackbasta attacks Health Plan services inc.

Incident Date: Jul 06, 2022

Attack Overview

VICTIM

Health Plan services inc.

INDUSTRY

Insurance

LOCATION

USA

ATTACKER

Blackbasta

FIRST REPORTED

July 6, 2022

Request Removal

Healthplan Services Inc. Ransomware Attack

Overview of the Incident

Healthplan Services Inc., a prominent provider of insurance services, recently fell victim to a ransomware attack orchestrated by the Blackbasta group. Operating within the insurance sector, Healthplan Services Inc. offers a diverse array of services, including reinsurance, marine, property, aviation, accident, health, life, and other insurance services, catering to a broad customer base in the United States.

Although the exact size of Healthplan Services Inc. is not detailed, comparisons with Group Health Cooperative of South Central Wisconsin (GHC-SCW)—which boasts 79,000 members—suggest Healthplan Services Inc. might serve a similarly extensive clientele. This wide-ranging service offering, while beneficial, potentially exposes the company to increased cyber threats due to a larger attack surface.

Vulnerabilities and Attack Details

The specific vulnerabilities exploited in the attack on Healthplan Services Inc. remain undisclosed. However, insights from a related incident involving GHC-SCW, which thwarted a ransomware attempt yet suffered a data breach affecting over 533,000 individuals, imply that similar weaknesses could have been leveraged. Attack vectors such as phishing, unpatched software, or inadequate password policies are common culprits in such breaches.

Blackbasta, the ransomware group claiming responsibility for this attack, is notorious for its ALPHV or BlackCat ransomware, which it rents to other cybercriminals. This incident underscores the ongoing trend of ransomware attacks targeting the healthcare sector, causing significant operational disruptions.

The attack on Healthplan Services Inc. underscores the critical need for robust cybersecurity measures within the insurance sector, particularly for entities offering a wide range of services. While the full extent of the breach and the specific data compromised have not been detailed, the incident serves as a stark reminder of the cybersecurity challenges facing the insurance industry.

Sources

Bloomberg Company Profile - Healthplan Services Inc. URL: https://www.bloomberg.com/profile/company/0132880D:US
Cybersecurity and Infrastructure Security Agency (CISA) - Ransomware Guidance and Resources. URL: https://www.cisa.gov/ransomware
Federal Bureau of Investigation (FBI) - Ransomware. URL: https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/ransomware

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.