Medical insurance big UnitedHealth Group has confirmed {that a} ransomware assault on its well being tech subsidiary Change Healthcare earlier this 12 months resulted in an enormous theft of People’ personal healthcare knowledge.
UnitedHealth mentioned in a press release on Monday {that a} ransomware gang took recordsdata containing private knowledge and guarded well being info that it says might “cowl a considerable proportion of individuals in America.”
The medical health insurance big didn’t say what number of People are affected however mentioned the information overview was “more likely to take a number of months” earlier than the corporate would start notifying people that their info was stolen within the cyberattack.
Change Healthcare processes insurance coverage and billing for a whole lot of hundreds of hospitals, pharmacies and medical practices throughout the U.S. healthcare sector; it has entry to huge quantities of well being info on about half of all People.
UnitedHealth mentioned it had not but seen proof that docs’ charts or full medical histories had been exfiltrated from its methods.
The admission that hackers stole People’ well being knowledge comes every week after a brand new hacking group started publishing parts of the stolen knowledge in an effort to extort a second ransom demand from the corporate.
The gang, which calls itself RansomHub, revealed a number of recordsdata on its darkish internet leak web site containing private details about sufferers throughout an array of paperwork, a few of which included inside recordsdata associated to Change Healthcare. RansomHub mentioned it will promote the stolen knowledge except Change Healthcare pays a ransom.
RansomHub is the second gang to demand a ransom from Change Healthcare. The well being tech big reportedly paid $22 million to a Russia-based prison gang referred to as ALPHV in March, which then disappeared, stiffing the affiliate that carried out the information theft out of their portion of the ransom.
RansomHub claimed in its put up alongside the revealed stolen knowledge that “we’ve the information and never ALPHV.”
In its assertion Monday, UnitedHealth acknowledged the publication of a few of the recordsdata however stopped in need of claiming possession of the paperwork. “This isn’t an official breach notification,” UnitedHealth mentioned.
The Wall Avenue Journal reported Monday that the prison hacking affiliate of ALPHV broke into Change Healthcare’s community utilizing stolen credentials for a system that permits distant entry to its community. The hackers had been in Change Healthcare’s community for greater than every week earlier than deploying ransomware, permitting the hackers to steal important quantities of knowledge from the corporate’s methods.
The cyberattack at Change Healthcare started on February 21 and resulted in ongoing widespread outages at pharmacies and hospitals throughout the USA. For weeks, physicians, pharmacies and hospitals couldn’t confirm affected person advantages for allotting medicines, organizing inpatient care, or processing prior authorizations crucial for surgical procedures.
A lot of the U.S. healthcare system floor to a halt, with healthcare suppliers going through monetary strain as backlogs develop and outages linger.
UnitedHealth reported final week that the ransomware assault has price it greater than $870 million in losses. The corporate reported it made $99.8 billion in income in the course of the first three months of the 12 months, faring higher than what Wall Avenue analysts had anticipated.
UnitedHealth CEO Andrew Witty, who obtained near $21 million in whole compensation the complete 12 months of 2022, is about to testify to Home lawmakers on Might 1.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25413122/Screen_Shot_2024_04_22_at_4.01.46_PM.png?w=440&resize=440,0&ssl=1 "Fortnite will let gamers disguise imply emotes")
/cdn.vox-cdn.com/uploads/chorus_asset/file/25413122/Screen_Shot_2024_04_22_at_4.01.46_PM.png?w=320&resize=320,0&ssl=1 "Fortnite will let gamers disguise imply emotes")
Leave a Comment