Change Healthcare ransomware attack exposes personal health information of over 100 million

Over the past few months we have seen a data wave violation impacting millions of people, from healthcare giants to government contractors and more. This latest incident is another in a long line of disturbing violations. In February of this year, Change Healthcare suffered a major data breach that caused a massive outage in the US healthcare industry. At the time, the company did not specify how many people were affected by the breach, but hinted that more than a third of the US population could be affected, in one of the largest known digital thefts of medical records to date.

Change Healthcare’s owner, UnitedHealth Group (UHG), has now confirmed for the first time that more than 100 million people have had their personal information and healthcare data stolen in a ransomware attack.

Get security alerts, expert advice – subscribe to Kurt’s newsletter – The Cyberguy Report here

Change Healthcare ransomware attack exposes personal health information of over 100 million — UnitedHealth Group has confirmed for the first time that more than 100 million people had their personal information and health data stolen.

A cyber attack on Change Healthcare took place in February, as it became known publicly on February 21. To stop the breach, the company took its systems offline, causing immediate disruption to the US healthcare sector, which relies on Change’s services for claims processing, payments and data exchange. UHG CEO Andrew Witty told Congress in May that “perhaps a third” of Americans’ health data was exposed in the attack.

A month later, Change Healthcare issued a data breach notification, confirming that a February ransomware attack exposed a “significant amount of data” that affected many Americans. UnitedHealth Group began notifying affected individuals in late July, continued through October, and the final summary list of those affected was released this month.

US Department of Health and Human Services Office for Civil Rights (OCR) data protection portal. updated total number of people affected reaches 100 million: “On October 22, 2024, Change Healthcare notified OCR that approximately 100 million individual notifications were sent regarding this breach,” according to an updated FAQ on OCR’s website.

Read on the Fox News app

Change Healthcare ransomware attack exposes over 100 million personal health information — A February ransomware attack exposed a “significant amount of data” that affected many Americans.

Hidden costs of free apps: Your personal information

There is approximately a 30% chance that your personal data was compromised as a result of this breach. Change Healthcare is one of the largest processors of health data, medical records and patient records. In 2022, it merged with US healthcare provider Optum in a deal with UHG, bringing the two giants together under the UHG umbrella.

The merger gave Optum, which already operates physician groups and provides technology and data to insurance companies and health services, greater access to patient records processed by Change. In total, UHG offers benefit plans to more than 53 million customers in the U.S. and another 5 million worldwide, while Optum serves about 103 million customers in the U.S.

The data stolen varies by individual, but includes personal information such as names, addresses, dates of birth, phone numbers, email addresses, and government identification numbers, including social security numbers, driver’s licenses, and passport numbers. In addition, hackers were also able to access health data, including diagnoses, medications, test results, images, care and treatment plans, and health insurance information. Financial and banking details found in claims and payment data have also reportedly been compromised.

From Tiktok to Trouble: How Your Online Data Can Be Used Against You

The Change Healthcare data breach was caused by a ransomware attack, a type of malware attack that blocks access to a victim’s personal data unless a “ransom” is paid. UHG said the Russian-speaking extortion and extortion gang ALPHV/BlackCat, which later claimed responsibility for the cyberattack, was behind the attack.

However, the attack was made possible because Change Healthcare was not smart enough to protect its customers’ data with multi-factor authentication. The company made the admission during a House hearing on the cyber attack in April. This raises an important question: How can a company with billions in revenue and storing data for more than 100 million Americans fail to provide basic cybersecurity?

UHG paid the ransom to get the decryptor and for the hackers to delete the stolen data. The ransom was said to be about $22 million and was to be split between the affiliate and the ransomware. However, BlackCat kept it all to himself and staged a fraudulent exit.

This made things difficult for UHG as the affiliate claimed they still had the company’s data. They later teamed up with a new group called RansomHub, leaking some of the stolen data and demanding a second ransom from UHG.

1) Remove your personal information from the Internet: Although no service can guarantee to completely remove your data from the Internet, a data removal service is a really smart choice. They don’t come cheap, and neither does your privacy. These services do all the work for you by actively monitoring and systematically removing your personal information from hundreds of websites. Check out my best data removal services here.

2) Be careful with the mailbox: Bad actors can also try to scam you through persistent mail. A data leak gives them access to your address. They may impersonate people or brands you know and use topics that require immediate attention, such as missed deliveries, account suspensions, and security alerts.

3) Be careful with phishing attempts: Be alert to emails, phone calls, or messages from unknown sources requesting personal information. Avoid clicking on suspicious links or providing sensitive information unless you can confirm the legitimacy of the request. The best way to protect yourself from clicking on malicious links that install malware is to install strong antivirus protection on all your devices. Get my pick of the best 2024 antivirus winners for your Windows, Mac, Android, and iOS devices.

4) Control your accounts: A breach of this magnitude will cause you to start regularly checking your bank accounts, credit card statements and other financial accounts for any unauthorized activity. If you notice any suspicious transactions, report them immediately to your bank or credit card company.

5) Recognizing and reporting Social Security fraud: If there is a problem with a person’s Social Security number or record, Social Security usually sends a letter by mail. You can learn more about recognizing Social Security fraud, including how to quickly and easily report fraud online to the Office of the Social Security Inspector General, by reading more information at www.ssa.gov/scams.

6) Invest in identity theft protection: Data breaches happen every day and most never make the headlines, but with Identity Theft Protection you’ll be notified if and when you’re affected. Identity theft companies can monitor personal information like your social security number, phone number, and email address and notify you if it’s being sold on the dark web or used to open an account. They can also help you freeze your bank and credit card accounts to prevent further unauthorized use by criminals.

One of the best things about using some services is that they may include identity theft insurance up to $1 million for damages and legal costs and a fraud resolution team where a A US case manager will help you recover any damages. Check out my tips and best options on how to protect yourself from identity theft.

In 2024 alone, with more than two months to go, we have witnessed countless data breaches that have affected millions of Americans. This highlights how valuable your data is and how little some companies do to protect it. Large companies with huge revenues struggle to implement even the simplest cybersecurity measures, virtually inviting cybercriminals to hack into their systems. Change Healthcare fell into this trap by not implementing two-factor authentication, leaving everything from your financial data to your health data in the hands of criminals.

Do you think these companies are doing enough to protect your data and is the government doing enough to catch those behind cyberattacks? Let us know by writing to us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter by going to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to CyberGuy’s most popular questions:

New from Kurt:

Source of the original article: Change Healthcare ransomware attack exposes personal health information of over 100 million