Change Healthcare on Thursday confirmed that ransomware group Blackcat is behind the ongoing cybersecurity attack that’s caused widespread disruptions to pharmacies and health systems across the U.S.
“Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants,” Change Healthcare told CNBC in a statement Thursday. “We are actively working to understand the impact to members, patients and customers.”
The company said it’s working with Mandiant, which is owned by Google, and cybersecurity software vendor Palo Alto Networks.
In a since-deleted post on the dark web, Blackcat said Wednesday that it was behind the attack on Change Healthcare’s systems. The group said it managed to extract six terabytes of data, including information like medical records, insurance records and payment information.
Change’s parent company UnitedHealth Group said it discovered that a cyber threat actor breached part of the unit’s information technology network on Feb. 21, according to a filing with the SEC. UnitedHealth isolated and disconnected the impacted systems “immediately upon detection” of the threat, the filing said, but it didn’t disclose the nature of the attack or exactly when it took place.
Blackcat, also called Noberus and ALPHV, steals sensitive data from institutions and threatens to publish it unless a ransom is paid, according to a December release from the U.S. Department of Justice. Blackcat has compromised computer networks across the U.S. and the globe, amounting to hundreds of millions of dollars in losses, the release said.
Change Healthcare offers tools for payment and revenue cycle management that help facilitate transactions like reimbursement payments. In 2022, it merged with the health-care provider Optum, which services more than 100 million patients in the U.S. and is owned by UnitedHealth, the country’s biggest health-care company by market cap.
Brett Callow, a threat analyst at the cybersecurity company Emsisoft, said ransomware groups will often make posts like these in an effort to bring victims to the negotiating table. Callow, who specializes in ransomware, shared a screenshot of Blackcat’s deleted post to the social media site X on Wednesday.
He said ransomware groups often exaggerate the amount of data they’ve stolen, so Blackcat’s claims should be treated with skepticism. It can take weeks for an organization to determine exactly what information was stolen, he added, and ransomware groups often use the period of uncertainty to their advantage.
“Cybercriminals, they’re not going to tell the truth,” Callow told CNBC in an interview.
UnitedHealth said in its filing with the SEC that it suspected a nation-state-associated actor was behind the attack, but Callow said Blackcat is a for-profit cybercrime operation. He called the discrepancy “peculiar,” but said there might be more to the breach that he doesn’t know about.
Ransomware attacks can be particularly dangerous within the health-care sector, as they can cause immediate harm to patients’ physical safety, said John Riggi, national advisor for cybersecurity and risk at the American Hospital Association.
When systems go dark, diagnostic technologies like CT scanners can go offline, and ambulances carrying patients are often diverted, which can delay lifesaving care, he said.
“Change, they’re a victim,” Riggi told CNBC. “Ultimately, though, this was not an attack just on them, this was an attack on the entire health-care sector.”
Change Healthcare’s systems have been down for nine straight days, and it’s unclear when they will come back online.
TAIPEI, TAIWAN – 2021/07/19: A foodpanda delivery man wearing a face mask rides past a Taiwanese flag ahead of the COVID-19 alert Level 3 restriction lift in Taipei. (Photo by Walid Berrazeg/SOPA Images/LightRocket via Getty Images)
Sopa Images | Lightrocket | Getty Images
Uber Technologies will acquire the Taiwan business of Delivery Hero-owned Foodpanda for $950 million in cash, as Foodpanda focuses on other markets.
The deal, subject to regulatory approval, is expected to close in the first half of 2025, the firms said in a joint statement on Monday.
In a separate agreement, Delivery Hero will sell $300 million in newly issued ordinary shares to Uber.
“We need to focus our resources on other parts of our global footprint, where we feel we can have the largest impact for customers, vendors and riders,” said Niklas Östberg, co-founder and CEO of Delivery Hero.
Pierre-Dimitri Gore-Coty, senior vice president of delivery at Uber, said the Taiwan market is “fiercely competitive” and the acquisition would help them grow in the market “where online food delivery platforms today still represent just a small part of the food delivery landscape.”
Foodpanda is one of the largest online food and grocery delivery platforms in Asia with a presence in markets including Singapore, Malaysia, Thailand, The Philippines and Hong Kong. In 2016, Germany’s Delivery Hero acquired the company.
Taiwan’s food delivery market is dominated by Foodpanda and Uber Eats. Data from insights platform Measurable AI up till August revealed that Foodpanda had a 52% market share by order volume in Taiwan, while Uber Eats held the remaining 48% share.
The deal would be one of the largest international acquisitions in Taiwan, not including those in the semiconductor chip industry, according to the joint statement.
Delivery Hero said in February it had ended talks to sell its Foodpanda business in selected Southeast Asian markets. Östberg told CNBC the same month that the firm was “happy” to hold on to its Foodpanda business in Southeast Asia “forever.”
– CNBC’s Ryan Browne and Dylan Butts contributed to this report.
Tencent has faced a number of headwinds in 2022 including a Covid-induced slowdown in the Chinese economy and a tougher market for gaming.
Bobby Yip | Reuters
Tencent beat analyst estimates for revenue and profit in the first quarter, thanks to slightly better sales in the Chinese tech giants core gaming business and improved profitability at its advertising and business services division.
Here’s how Tencent did in the March quarter versus LSEG consensus estimates:
Revenue: 159.5 billion Chinese yuan ($22 billion) versus 158.4 billion yuan expected.
Profit attributable to equity holders of the company: 41.9 billion yuan versus 36.64 billion yuan anticipated.
Tencent’s adjusted net profit was up 62% year-on-year, marking the fastest growth since the March quarter of 2021, according to LSEG data. Revenue jumped 6% year-on-year.
This is a breaking news story. Please check back for more.
Sony said sales of its flagship PlayStation 5 console totalled 20.8 million in the fiscal year 2023 slightly lower than an already revised-down 21 million unit target.
Nikos Pekiaridis | Nurphoto | Getty Images
Sony on Tuesday reported a 7% drop in annual profits in the fiscal year 2023, dragged down by a decline in its financial services division.
The company also narrowly missed its forecast for unit sales of its flagship PlayStation 5 gaming console for the full year.
Here’s how Sony did in the March quarter versus LSEG consensus estimates:
Revenue: 3.5 trillion yen ($22.4 billion) versus 2.89 trillion yen expected. That represents a 14% increase year-over-year — but the first drop since Sony’s 2020 September quarter, according to LSEG data.
Operating profit: 229.4 billion yen versus 236.81 billion yen expected. That marks a 57% jump year-over-year.
The Japanese gaming giant reported 2023 revenue of 13 trillion, an increase of 19% year-over-year.
Sony’s operating profit for the full year, though, came in at 1.2 trillion yen, down 7% year-over-year.
Sony narrowly missed its revised down target for PlayStation 5 sales. The firm said that sales of its flagship console totalled 20.8 million in the fiscal year 2023.
Sony expects even weaker sales of 18 million units of its PS5 in the year ending March 2025, a company executive said, according to Reuters.
It comes after Sony on Monday announced a management shakeup in its Sony Interactive Entertainment (SIE) gaming unit, with the division’s interim CEO Hiroki Totoki becoming chairman of the business.
Long-time Sony executives Hideaki Nishino and Hermen Hulst were appointed CEO of the Platform Business Group and Studio Business Group, respectively — two newly created divisions of SIE.
Financial unit weighs on profit
Sony said its financial services business was the primary segment driving down profit.
In 2023, operating income in the financial services unit came in at 173.6 billion yen, marking a 22.5% year-on-year drop after a firm increase in 2022.
The company also suffered from a decline in its imaging and sensing solutions (I&SS) business, which houses its imaging chips.
Sony’s I&SS business recorded operating income of 193.5 billion yen, down 9% from 2022.
Sony said it’s forecasting a drop in overall group revenue for the current fiscal year. The company expects sales will reach 12.3 trillion yen for the year ending March 2025, down 5%.
Fiscal year 2024 operating income is expected to total 1.28 trillion yen, up 5%, Sony said in its consolidated results.
