{
	"id": "b625211a-b09f-4e23-a2af-94bb69b2e77c",
	"created_at": "2026-04-11T02:23:49.00475Z",
	"updated_at": "2026-04-11T02:24:15.495482Z",
	"deleted_at": null,
	"sha1_hash": "a801794d4e3d424e5e336407406ad9bfb975d934",
	"title": "Henry Schein re-encrypted by BlackCat again - DataBreaches.Net",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 36326,
	"plain_text": "Henry Schein re-encrypted by BlackCat again - DataBreaches.Net\r\nPublished: 2023-11-26 · Archived: 2026-04-11 02:22:26 UTC\r\nOn October 15, Henry Schein, Inc. disclosed a breach:\r\nOn Saturday, October 14, Henry Schein, Inc. (Nasdaq: HSIC) determined that a portion of its\r\nmanufacturing and distribution businesses experienced a cybersecurity incident. Henry Schein promptly\r\ntook precautionary action, including taking certain systems offline and other steps intended to contain\r\nthe incident, which has led to temporary disruption of some of Henry Schein’s business operations. The\r\nCompany is working to resolve the situation as soon as possible.\r\nRead more of their original notice on their website.  AlphV (BlackCat) later claimed responsibility for the attack.\r\nOn November 13, Henry Schein issued an update on the scope of the breach. As MedTechDive reported:\r\nIn a letter to its customers, the company disclosed on Monday that a data breach occurred, but\r\n“we do not have all the details of what data may have been compromised.” Customer bank\r\naccounts and credit card numbers may have been affected. Henry Shein also issued a letter to its\r\nsuppliers, writing that the company is “aware that the bank account information for a limited\r\nnumber of suppliers was misused.”\r\nCEO Stanley Bergman told investors on a Monday earnings call that the company is working to\r\nbring its e-commerce platform back online this week, and that the incident primarily affected its\r\ndental and medical distribution operations in North America and Europe.\r\nBut the situation had deteriorated from the first attack instead of things improving. AlphV posted an update about\r\nnegotiations breaking down,  and BlackCat re-encrypting them.\r\nThen, on November 22, Henry Schein posted another notice on its homepage:\r\nCertain Henry Schein applications, including its ecommerce platform, are currently unavailable. The\r\nCompany continues to take orders using alternate means and continues to ship to its customers. The\r\nCompany is in the process of securely restoring these applications.\r\nHenry Schein has identified the cause of the occurrence. The threat actor from the previously disclosed\r\ncyber incident has claimed responsibility.\r\nThe following day, it provided another update:\r\nHenry Schein would like to provide a further update on the cybersecurity incident following the\r\ncommunication we provided on November 22.\r\nThe Company quickly identified the cause of the disruption and is leveraging the prior work we did to\r\nrestore our systems. As a result, we believe that the disruption to our ecommerce platform and certain\r\nother applications will be short term.\r\nhttps://www.databreaches.net/henry-schein-re-encrypted-by-blackcat-again/\r\nPage 1 of 2\n\nThe Company is in the process of securely restoring the ecommerce platform and these other\r\napplications.\r\nIn the meantime, the Company continues to take orders using alternate means and continues to ship to\r\nits customers.\r\nIts most recent update (November 26) states:\r\nHenry Schein would like to provide a further update on the cybersecurity incident following the\r\ncommunications we provided on November 22 and 23.\r\nWe expect our U.S. ecommerce platform and certain other applications to be restored in the next few\r\ndays, and possibly as early as Monday. Our ecommerce platform and other applications in Canada and\r\nEurope are expected to follow shortly thereafter.\r\n Related:  Henry Schein Inc.  SEC Filings Concerning the Security Incident:\r\nSource: https://www.databreaches.net/henry-schein-re-encrypted-by-blackcat-again/\r\nhttps://www.databreaches.net/henry-schein-re-encrypted-by-blackcat-again/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.databreaches.net/henry-schein-re-encrypted-by-blackcat-again/"
	],
	"report_names": [
		"henry-schein-re-encrypted-by-blackcat-again"
	],
	"threat_actors": [],
	"ts_created_at": 1775874229,
	"ts_updated_at": 1775874255,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a801794d4e3d424e5e336407406ad9bfb975d934.pdf",
		"text": "https://archive.orkl.eu/a801794d4e3d424e5e336407406ad9bfb975d934.txt",
		"img": "https://archive.orkl.eu/a801794d4e3d424e5e336407406ad9bfb975d934.jpg"
	}
}