BlackCat, a "triple-extortion" ransomware group that combines ransomware attacks with threats to leak data and disable websites, attacked pharmacy management services firm PharmaCare Services, GovInfoSecurity reported Jan. 23.
PharmaCare Services, which provides pharmacy management and consulting services, appeared on the Russian-based ransomware group's leak site.
The attack comes after BlackCat attacked EHR vendor NextGen Healthcare.
NextGen said the ransomware group did not obtain any client data. However, BlackCat put a sample of NextGen information on its extortion site, which has allegedly since been deleted, according to the report.
HHS warned the healthcare sector about the group in a December brief, stating that it has connections with Russian ransomware groups Darkside/Black Matter and REvil.
The group claims that it does not attack state medical institutions, ambulance companies and hospitals but says pharmaceutical companies, insurers, private clinics and similar entities are not exempt.