The ALPHV/BlackCat ransomware crew has shut down its server infrastructure, leading to speculation and allegations of internal theft. Initially, it was thought that law enforcement had taken action against the group, but the National Crime Agency has stated otherwise. A supposed affiliate of ALPHV/BlackCat claimed to have received a $22 million ransom payment from United Health Group, but the crew decided to suspend their account and steal the money. Experts have noted that this situation is uncertain and unreliable due to the nature of cyber criminals. It is unclear why ALPHV/BlackCat has gone offline, but it is possible they are rebranding to avoid law enforcement attention. The gang’s actions regarding the payment will be of little comfort to Change Healthcare, whose parent has not confirmed whether they paid any ransom. This situation raises questions about whether ransomware payments should be made illegal, especially in the healthcare sector where delays can pose a risk to human life. Paying ransom demands has been found to disrupt patient care and increase mortality rates. However, the root cause of the issue lies in the vulnerability of IT systems, and preventing successful attacks should be the main focus.