Security News BlackCat ransomware claims breach of healthcare giant Henry Schein


Level 44
Thread author
Top Poster
Nov 10, 2017
The BlackCat (ALPHV) ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information.

Henry Schein is a healthcare solutions provider and a Fortune 500 company with operations and affiliates in 32 countries and revenue of over $12 billion in 2022.

The company disclosed on October 15 that it was forced to take some systems offline to contain a cyberattack that impacted its manufacturing and distribution businesses one day before.

"Henry Schein promptly took precautionary action, including taking certain systems offline and other steps intended to contain the incident, which has led to temporary disruption of some of Henry Schein's business operations. The Company is working to resolve the situation as soon as possible," it said.

While some of its business operations were disrupted, the company says its Henry Schein One practice management software has not been impacted.

Henry Schein notified relevant law enforcement authorities of the incident and has since hired external cybersecurity and forensics experts to investigate a potential data breach stemming from the attack.

In a letter published one week after disclosing the cyberattack, the healthcare services provider urged customers to place orders through their Henry Schein representative or using dedicated telesales phone numbers.

Some information and rest

Jonny Quest

Level 14
Mar 2, 2023
Thank you for this update, @CyberTech I've been monitoring this one along with others on our business forum since Oct 16th, when our calls were not being answered but we were given a "disruption of service" recording. You know it's not good when they use these type of words, taken from this link:

The Company has engaged outside cybersecurity and forensic information technology experts to help investigate any data impact and respond to this situation. Henry Schein also has notified relevant law enforcement authorities.

I know there has been some passionate debate on a certain thread, but it was more of a personal or perspective concern of possibly giving novices the wrong idea of a firewall's ease of use etc. But for me, this is the greater issue of where we seemingly have no control over if we're going to do business, transactions etc in our lives, where most of our information is now stored on vendor's servers. It was announced yesterday that my previous mortgage company had been hacked, and now one of my main business suppliers, Zahn/Henry Schein. Not to disparage that other thread, but these types of things concern and alarm me more.
Last edited:


Level 75
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Healthcare giant Henry Schein hit twice by BlackCat ransomware
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October.

Henry Schein is a Fortune 500 healthcare products and services provider with operations and affiliates in 32 countries and a revenue of over $12 billion reported in 2022.

It first disclosed on October 15 that it had to take some systems offline to contain another cyberattack that impacted its business one day before.

More than a month later, on November 22, the company said that some of its apps and the e-commerce platform were again taken down following another attack claimed by BlackCat ransomware.

"Certain Henry Schein applications, including its ecommerce platform, are currently unavailable. The Company continues to take orders using alternate means and continues to ship to its customers," it said.

"Henry Schein has identified the cause of the occurrence. The threat actor from the previously disclosed cyber incident has claimed responsibility."

Today, the company revealed that it has now restored its U.S. e-commerce platform, and it's expecting that its platforms in Canada and Europe will also be back online shortly.

Across impacted areas, the healthcare services provider is reportedly still receiving orders through alternative channels and shipping to customers.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.