Change Healthcare Begins Notifying Customers of Potential Patient Data Exposure in Cyberattack

By Madz Dizon

Jun 20, 2024 10:05 PM EDT

Change Healthcare Begins Notifying Customers of Potential Patient Data Exposure in Cyberattack

(Photo : Graham Ruttan on Unsplash)

Change Healthcare is in the process of informing hospitals, insurers, and other customers about a potential exposure of patient information due to a significant cyberattack.

Ransomware Attack on Change Healthcare Disrupts Claims Nationwide

The company announced on Thursday (June 20) that it anticipates notifying individuals or patients starting in late July.

According to AP, Change Healthcare, a subsidiary of UnitedHealth Group, is a leading provider of technology for insurance claim submission and processing. 

In February, unauthorized individuals managed to infiltrate the system and launched a ransomware attack, resulting in the encryption and freezing of significant portions of it.

The attack caused a significant disruption in payment and claims processing nationwide, placing a heavy burden on doctor's offices and healthcare systems as it hindered their ability to file claims and receive payment.

According to the latest information, certain sensitive details such as names, addresses, health insurance information, and personal information like Social Security numbers might have been compromised in the attack.

READ NEXT: Russian Hackers Demand $50 Million Ransom After NHS Hospital Cyberattack

90% of Compromised Files Show No Extracted Medical Histories

In an earlier press release, the US Department of Health and Human Services stated that healthcare providers have the option to request UnitedHealth to inform individuals affected by the security breach on their behalf. 

After the hack, certain providers strongly recommended that HHS assign sole responsibility to UnitedHealth for issuing breach notifications.

Upon thorough examination of 90% of the compromised files, the insurer has concluded that there is no indication of any materials, such as doctors' charts or complete medical histories, being extracted from its systems, Reuters reported.

In May testimony to the Senate Committee on Finance, UnitedHealth CEO Andrew Witty revealed that the hack on the technology unit of the largest US health insurer, which occurred on February 21, was orchestrated by the Russian ransomware gang BlackCat.

According to Witty, UnitedHealth paid the group $22 million in Bitcoin in return for patient data.

READ MORE: Wealthy Maine Couple Accused of Tree Killing for Ocean View Faces Consequences

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics