Healthcare solutions giant Henry Schein recently revealed a data breach impacting 166,432 individuals, following a series of ransomware attacks by the BlackCat (ALPHV) group in 2023. Henry Schein, a Fortune 500 company with operations across 32 countries, initially detected a cyberattack on October 15, 2023, which led to a partial system shutdown to contain the impact on its manufacturing and distribution operations. Although the company did not specify the attack type, the BlackCat ransomware gang claimed responsibility, alleging they stole 35 TB of sensitive data.
Following another attack in November 2023, BlackCat reportedly encrypted Henry Schein's network a second time after unsuccessful ransom negotiations, threatening further encryption if the ransom went unpaid. Although it’s unclear if BlackCat executed a third attack, the group released some stolen data on their leak site.
Over a year later, Henry Schein has confirmed in a notification to the Maine Attorney General that the breached data includes the personal information of 166,432 individuals. According to the company, an extensive review by an external cybersecurity firm took much of the first half of 2024 to identify impacted files and individuals. To support affected individuals, Henry Schein is offering a complimentary 24-month membership to Experian’s IdentityWorksSM for credit monitoring and fraud detection.
