SCMagazine.com reported that “A $22 million ransom payment allegedly made by Optum, which is supported by blockchain transaction records associated with ALPHV/BlackCat, was apparently stolen by the ransomware-as-a-service (RaaS) in an exit scam.”  The April 8, 2024 reported entitled “Change Healthcare breach data may be in hands of new ransomware group“ (https://tinyurl.com/yc8nzak2) included this information:

The Change Healthcare breach story has taken on a new twist, with emerging ransomware group RansomHub claiming Monday it has 4TB of data stolen from the healthcare tech company in February.

The Change Healthcare platform, which is owned by UnitedHealth Group subsidiary Optum, was breached by an affiliate of the ALPHV/BlackCat ransomware group in February, causing widespread operational outages and threatening the leak of sensitive patient and client data.

The group reportedly published a fake law enforcement takedown notice on their leak site before disappearing with the full $22 million, leaving the affiliate who performed the breach, known as “notchy,” empty-handed.

I guess you can’t trust thieves!!