Results for: Change Healthcare

Two months after the cyberattack on Change Healthcare, the extent of the impact on Americans remains uncertain. CEO Andrew Witty initially estimated that a substantial proportion of Americans were affected, while later testifying in a House hearing that it may be around a third. The company is still investigating the breach and has not yet notified victims. Witty stated that there is no evidence of sensitive medical data being stolen, but the hackers exploited a lack of multi-factor authentication on a Change Healthcare portal, leading to the breach. Senators criticized the company for this failure.

Following the ransomware attack on its subsidiary Change Healthcare, UnitedHealth Group has enabled multi-factor authentication (MFA) across all of its systems exposed to the internet. Previously, a lack of MFA on Change Healthcare’s systems allowed hackers to access a server and breach the company’s network. UnitedHealth Group CEO Andrew Witty acknowledged the omission and blamed it on the incomplete integration of Change Healthcare’s systems after the acquisition in 2022. Despite a company-wide policy requiring MFA on external systems, Witty admitted that one server lacked protection, enabling the hackers’ entry point. At a congressional hearing, Witty faced questions about the cyberattack and the reasons for the unenforced policy. UnitedHealth Group is still working to determine the full impact of the hack and has not yet notified affected individuals.

UnitedHealth Group (UNH) disclosed that it paid a ransom in response to the February cyberattack targeting its subsidiary, Change Healthcare. The attack compromised personal data, affecting not only UnitedHealth’s 152 million customers but also a broader segment of the population due to Change Healthcare’s extensive role in payment and revenue cycle management in the healthcare industry. Despite the ransom payment, UnitedHealth emphasized its collaboration with law enforcement and cybersecurity firms to investigate the incident thoroughly and support affected individuals. The company acknowledged that it is actively monitoring online forums where hackers distribute or exchange compromised data packets and has established a dedicated website and call center to offer identity theft protection and credit monitoring for two years.

UnitedHealth Group (UHG) has confirmed that the February cyberattack on its subsidiary, Change Healthcare, compromised the data of a significant number of Americans. The company has identified files containing protected health information (PHI) and personally identifiable information (PII) potentially covering a substantial proportion of the U.S. population. While UHG has not found evidence of complete medical histories or doctors’ notes being stolen, they acknowledge that the attack’s scope will require several months to investigate and notify affected customers.

In an effort to protect patient data, UHG confirms that it paid a ransom to the threat actors. The company has set up a website for customers to obtain information and has established call centers to provide free credit monitoring and identity theft protection for two years.

The Change cyberattack has raised concerns about data consolidation and vertical integration in the healthcare industry. The Justice Department previously attempted to block UHG’s acquisition of Change Healthcare due to antitrust concerns.

Federal Trade Commission Chair Lina Khan highlighted the vulnerability created by data concentration and emphasized the importance of data minimization as a solution.

UnitedHealth Group Inc. has revealed that personal information of a potentially vast number of Americans may have been compromised in a recent cyberattack on its Change Healthcare business. While the company has yet to identify the full extent of the breach, it has confirmed that screenshots containing protected health information were posted on the dark web. UnitedHealth is actively investigating the situation and providing resources to affected individuals, including free credit monitoring and identity theft protection. The attack, which impacted insurance claim processing, has prompted ongoing efforts to restore services and mitigate the financial burden on healthcare providers.

UnitedHealth Group Inc. disclosed that personal information of a substantial portion of Americans may have been compromised in a cyberattack that targeted its Change Healthcare business earlier this year. The company emphasized that there are no indications that full medical histories or doctor charts were released, but it could take months to identify and notify those affected. UnitedHealth confirmed that screenshots containing protected health information and personally identifiable information were briefly posted on the dark web, and the company is closely monitoring the situation. Affected individuals will receive free credit monitoring and identity theft protection while UnitedHealth continues to restore services disrupted by the attack. The healthcare giant has also provided billions of dollars in financial assistance to healthcare providers impacted by the incident.

Personal information potentially covering a large portion of the US population may have been compromised in a cyberattack on Change Healthcare, acquired by UnitedHealth Group. While medical histories and doctor charts appear secure, the company is investigating and expects notification of affected individuals to take months. Some protected health information was briefly posted online on the dark web, and UnitedHealth is monitoring the situation. Free credit monitoring and identity theft protection are available to those impacted, and federal investigators are examining the breach. UnitedHealth has faced financial losses due to the attack and is working to restore disrupted services.

UnitedHealth Group has disclosed that personal information may have been compromised in a cyberattack on its Change Healthcare unit, potentially affecting a significant portion of the U.S. population. The health insurer is providing credit monitoring and identity theft protection services while it investigates the incident and identifies the individuals impacted.

UnitedHealth Group has revealed that it paid a ransom to cyberattackers in an attempt to protect patient data following a breach of its subsidiary, Change Healthcare. The attack compromised files containing protected health information and personally identifiable information of a significant portion of people in the United States. The company has set up a dedicated website and call center to provide support and resources to affected individuals.

UnitedHealth Group confirmed a ransomware attack on subsidiary Change Healthcare, resulting in a significant theft of protected health information potentially affecting a substantial portion of Americans. The hackers exfiltrated personal data and internal files but denied the compromise of medical histories. A new hacking group, RansomHub, published patient information as part of an extortion attempt. UnitedHealth acknowledges the leaked files but has not officially confirmed ownership. The attack caused widespread outages, disrupting healthcare services and costing UnitedHealth over $870 million in losses.