The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

BlackCat Claims Ransomware Attack on Henry Schein

BlackCat Claims Ransomware Attack on Henry Schein
Author Image Keira Waddell
Keira Waddell Published on 10th November 2023 Former Senior Writer

The BlackCat (also known as ALPHV) ransomware group has claimed responsibility for an attack on healthcare giant Henry Schein, announcing that they have successfully exfiltrated 35TBs of sensitive data from its network. The exposed data includes internal payroll information and shareholder files.

The attack, which occurred in October, also led to a temporary disruption of Henry Schein's manufacturing and distribution operations, prompting the company to shut down some internal systems to contain the incident.

Negotiations between the company and the BlackCat group have ultimately failed, resulting in the re-encryption of Henry Schein's network systems and thwarting the recovery efforts that were underway.

BlackCat, in a statement released on their dark web leak site, highlighted what they deemed as a lack of commitment from Henry Schein's management team in prioritizing the security of their clients, partners, and employees.

The group specifically called out the efforts of the ransomware recovery firm Coveware Company, employed by Henry Schein, alleging that negotiations with them were marked by delays.

In response to the stalled negotiations, the BlackCat group threatened to release segments of the stolen data on their collections blog. However, no data had been published on the blog as of the last update.

In fact, Henry Schien has recently been removed from the BlackCat leak blog entirely, triggering speculation that the ransom negotiations may have resumed. Despite this, the company has yet to provide an official statement, leaving stakeholders and observers curious about whether the ransom will be paid.

This attack on Henry Schein is the latest in a series of high-profile breaches attributed to the BlackCat ransomware group, with their operations extending beyond the healthcare sector. The group's affiliation with other prominent ransomware entities, such as Conti, LockBit, and REvil, underscores the reach of their criminal operations.

Furthermore, their reported involvement in numerous attacks in recent years, resulting in substantial financial losses for multiple organizations, has heightened concerns about the growing threat posed by ransomware groups worldwide.

About the Author

  • Author Image Keira Waddell
  • Keira Waddell Former Senior Writer

Keira was a senior writer at vpnMentor. She is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address