Ransomware gang Embargo today claimed responsibility for a cyber attack on American Associated Pharmacies (AAP), a cooperative made up of 2,000 pharmacies across the USA.
Embargo gave AAP until November 19, 2024 to pay an undisclosed ransom.
AAP did not verify Embargo’s claim, but it did post a notice on its website informing customers that all user passwords had been reset. Such resets usually happen when passwords are compromised by third parties.
The AAP website, at time of writing, says, “Limited ordering capabilities for API Warehouse have been restored at APIRx.com.” This implies prescription orders were temporarily unavailable and disruptions are ongoing.
We do not yet know if personal data was compromised, whether AAP did/will pay a ransom, how much Embargo demanded, or how attackers breached AAP’s network. Comparitech contacted AAP for comment and will update this article it responds.
Who is Embargo?
Embargo is a relatively new ransomware gang that started claiming attacks in April 2024. The group operates a ransomware-as-a-service business in which affiliates pay Embargo to use its malware and infrastructure to launch attacks and collect ransoms.
This year, Comparitech researchers tracked 10 confirmed attacks and six unconfirmed attacks claimed by Embargo. The attack on AAP remains unconfirmed at the moment.
AAP isn’t Embargo’s first target in the healthcare industry. It claimed confirmed attacks on Memorial Hospital & Manor, NorthBay Healthcare, and Wiser Memorial Hospital. The lattermost attack caused a four-week-long IT outage.
Diligent Delivery Systems also confirmed an Embargo attack in July 2024 in which 10,545 records were affected.
Ransomware attacks on US healthcare
Ransomware attacks on hospitals, clinics, and pharmacies can steal data and lock down computer systems used for everything from accessing medical records to bill payments. Providers might be forced to cancel appointments and switch to pen-and-paper processes until a ransom is paid to unlock their computer systems.
Ransomware gangs ramped up their attacks on hospitals and clinics in 2024. This year, we recorded 120 confirmed ransomware attacks on targets in the US healthcare industry, affecting 116,295,147 records. The average ransom is $5.3 million.
Another 167 attacks in 2024 have been claimed by ransomware gangs but not confirmed by targets.
About American Associated Pharmacies
Founded in 2009 in Scottsboro, Alabama, American Associated Pharmacies (AAP) is a member-owned cooperative of more than 2,000 independent pharmacies in the USA. It employs between 50 and 200 people, according to its LinkedIn profile.
AAP’s distribution warehouse is Associated Pharmacies, Inc (API). AAP oversees cooperative membership and manages major vendor agreements, while API sells Brand Rx, Generic Rx and OTCs.