Earlier this week, the company published a press release notifying the media of a ransomware attack that occurred on November 22. As a result, the company’s e-commerce platform, as well as a couple of apps, were forced offline.
“Certain Henry Schein applications, including its ecommerce platform, are currently unavailable. The Company continues to take orders using alternate means and continues to ship to its customers,” it said in the announcement.
Soon after publishing the press release, it managed to restore the e-commerce platform for U.S. customers and is currently working on bringing it back online for Canadians and Europeans. However, the company is still receiving orders through alternative channels, BleepingComputer reports.
“Henry Schein has identified the cause of the occurrence. The threat actor from the previously disclosed cyber incident has claimed responsibility.”
Leaking sensitive data
That threat actor from the previously disclosed cyber incident is ALPHV (AKA Black Cat), which added Henry Schein to its list of breached companies on October 15. This time around, the attack is the result of the negotiations for the previous one breaking down.
The hackers claim to have stolen 35TB of data from company endpoints and will be releasing parts of it daily.
“Despite ongoing discussions with Henry’s team, we have not received any indication of their willingness to prioritize the security of their clients, partners, and employees, let alone protect their own network,” the threat actors said.
“As of midnight today, a portion of their internal payroll data and shareholder folders will be published on our collections blog. We will continue to release more data daily.”
Henry Schein is a healthcare products and services provider with a presence in 32 countries and annual revenues of $12 billion, the media reported. It is currently not responding to media inquiries.