Henry Schein has lastly revealed an information breach following a minimum of two consecutive cyberattacks in 2023 by the BlackCat Ransomware gang, revealing that greater than 160,000 individuals had their private data stolen.
Henry Schein is a healthcare options supplier and a Fortune 500 firm with operations and subsidiaries in 32 nations and revenues of greater than $12 billion in 2022.
On October 15, the corporate revealed that it was pressured to take some methods offline to comprise a cyberattack that affected manufacturing and distribution operations.
Whereas Henry Schein didn’t reveal the character of the assault, the BlackCat (ALPHV) ransomware gang claimed accountabilityclaiming that 35TB of confidential recordsdata had been stolen.
Nearly a month later, on November 22, the corporate returned to revealed who suffered one other assault, once more by the BlackCat ransomware gang now shut down.
The ransomware gang claimed to have encrypted Henry Schein’s community for the second time after negotiations failed they usually threatened to encrypt him a 3rd time if the ransom was not paid.
Whereas it’s unknown if the menace actors carried out one other assault, they printed a few of Henry Schein’s stolen knowledge on their knowledge leak website.
Now, greater than a yr later, Schein has confirmed in an information breach notification to Maine Legal professional Basic that the ransomware gang stole the private knowledge of 166,432 individuals throughout these assaults.
“Following the incident, the Firm labored with a third-party professional agency to overview probably affected recordsdata to determine data obtained by an unauthorized third get together as a part of the incident,” Henry Schein’s knowledge breach notification reads.
“This overview required important time and assets and progressed through the first half of 2024.”
“The investigation not too long ago decided that your private data was affected as a part of the incident, together with your (Extra2). Different delicate details about you may additionally have been affected, which can rely upon data that was beforehand offered to the Firm about you.”
BleepingComputer contacted Henry Schein to ask what sort of information was stolen within the assault, however didn’t obtain a response.
The corporate is now providing affected customers a free 24-month membership to Experian’s IdentityWorksSM to assist monitor credit score historical past and detect indicators of fraud.
