Chain Cyberattack

• CrowdStrike disclosed on April 25, 2026, a sophisticated cyberattack via compromised third-party software affecting 2.5 million patient records at UnitedHealth's Change Healthcare subsidiary. • Attackers, linked to North Korean Lazarus Group, exfiltrated data over 72 hours before detection, demanding $22 million ransom. • Incident highlights vulnerabilities in US healthcare IT supply chains, prompting HHS emergency directives for 500+ providers.

• CrowdStrike disclosed on April 20, 2026, a sophisticated supply chain attack affecting 1,200 US clients, including Fortune 500 firms, via compromised third-party software. • Attackers deployed ransomware, encrypting critical systems and demanding $50 million in Bitcoin; no data exfiltration confirmed yet. • The incident highlights rising risks in software supply chains, echoing SolarWinds breach, with FBI joining investigation.