Over the past few months, we've seen a wave of data breaches affecting millions of people, from healthcare giants to government contractors and more. This latest incident is the latest in a series of alarming breaches. Change Healthcare experienced a massive data breach in February of this year, causing widespread disruption across the U.S. healthcare industry. At the time, the company did not say how many people were affected by the breach, but hinted that it could affect well over a third of the U.S. population, and to date It was one of the largest known digital thefts of medical records.
UnitedHealth Group (UHG), owner of Change Healthcare, has admitted for the first time that the personal information and health data of more than 100 million people was stolen in a ransomware attack.
Get Security Alerts, Tips from the Experts – Sign up for Cart Newsletter – Cyber Guy Report here
UnitedHealth Group has admitted for the first time that the personal information and medical data of more than 100 million people was stolen. (Kurt “Cyber Guy” Knutson)
Change Healthcare Cyberattack Timeline
The Change Healthcare cyber attack occurred in February and the news was made public on February 21st. To stop the breach, the company took its systems offline, causing immediate disruption across the U.S. healthcare industry that relies on Change's services for claims processing and payments. and data sharing. UHG CEO Andrew Whitty told Congress in May that “probably a third” of Americans' health data was exposed in the attack.
A month later, Change Healthcare sent out a data breach notification confirming that a February ransomware attack exposed “substantial amounts of data” that affected many Americans. UnitedHealth Group began notifying affected individuals in late July, with notifications continuing through October and a final tally of those affected released this month.
The U.S. Department of Health and Human Services Office for Civil Rights (OCR)'s data breach portal has updated the total number of people affected to 100 million. “On October 22, 2024, Change Healthcare notified OCR that approximately 100 million individual notifications have been submitted for the following violations,” reads an updated FAQ on the OCR website. I am.
February's ransomware attack exposed “a trove of data” that affected many Americans. (Kurt “Cyber Guy” Knutson)
The hidden cost of free apps: personal information
What data was stolen?
There is approximately a 30% chance that personal data was compromised in this breach. Change Healthcare, one of the largest health, medical data and patient records companies, will merge with US healthcare provider Optum in 2022 as part of its deal with UHG, bringing the two giants under UHG's umbrella. I have summarized it in
The merger gives Optum, which already manages physician groups and provides technology and data to insurance companies and health services, broader access to Change's patient records. Overall, UHG provides benefit plans to more than 53 million customers in the United States and an additional 5 million customers worldwide, and Optum serves approximately 103 million customers in the United States. Masu.
The stolen data varies by individual, but includes personal information such as name, address, date of birth, phone number, email address, social security number, and government ID numbers such as driver's license and passport numbers. Additionally, hackers may have accessed health data such as diagnoses, medications, test results, images, care and treatment plans, and health insurance information. Financial and banking details included in billing and payment data were also reportedly compromised.
Change Healthcare is one of the largest providers of health, medical data, and patient records. (Kurt “Cyber Guy” Knutson)
From Tiktok to Trouble: How your online data can be used as a weapon against you
What caused the data breach?
The Change Healthcare data breach was caused by a ransomware attack, a type of malware attack that blocks access to a victim's personal data unless a “ransom” is paid. UHG announced that ALPHV/BlackCat was behind the attack. ALPHV/BlackCat is a Russian-speaking ransomware and extortion organization that later masterminded the cyberattack.
However, this attack was possible because Change Healthcare was not smart enough to protect its customers' data with multi-factor authentication. The company acknowledged this during a House hearing on the cyberattack in April. This raises an important question. How could a company that generates billions of dollars in revenue and stores the data of more than 100 million Americans fail at basic cybersecurity?
UHG paid a ransom to obtain decryption tools and delete the data stolen by the hackers. The ransom was said to be approximately $22 million, which was to be split 50-50 between the affiliate and the ransomware operation. But BlackCat took it all to himself and ran an exit scam.
Things got complicated for UHG when this affiliate claimed it still had the company's data. They then teamed up with a new group called RansomHub to leak some of the stolen data and extort a second ransom from UHG.
6 ways to protect yourself from a Change Healthcare data breach
1) Delete your personal information from the Internet: Although no service can guarantee that your data will be completely removed from the Internet, a data deletion service is a very smart choice. They are not cheap and also violate your privacy. These services do all of their work by actively monitoring your personal information and systematically removing it from hundreds of websites. Check out the data deletion services I recommend here.
2) Be careful with mailbox communications. Malicious actors may also try to trick you through snail mail. A data breach gives them access to your address. They may impersonate people or brands you know and use themes that require urgent attention, such as missed deliveries, account suspensions, or security alerts.
3) Beware of Phishing Scams: Be wary of emails, calls, or messages from unknown sources requesting personal information. Don't click on suspicious links or provide sensitive information unless you can verify the legitimacy of the request. The best way to protect yourself from clicking on malicious links that install malware is to install strong antivirus protection on all your devices. Check out my picks for the best antivirus protection products of 2024 for your Windows, Mac, Android, and iOS devices.
4) Monitor your accounts: When a breach of this scale occurs, you need to regularly check your bank accounts, credit card statements, and other financial accounts for fraudulent activity. If you notice any suspicious transactions, report them to your bank or credit card company immediately.
5) Recognizing and Reporting Social Security Fraud: If there is a problem with an individual's Social Security number or record, the Social Security Administration typically sends a letter in the mail. Visit www.ssa.gov/scams to learn how to identify Social Security fraud, including how to quickly and easily report fraud to the Social Security Inspector General's Office online.
6) Invest in identity theft protection: Data breaches happen every day and most don't make the news, but with an identity theft protection service you'll be notified if you're affected. . Identity theft companies monitor your personal information, such as your social security number, phone number, and email address, and alert you if it is sold on the dark web or used to open an account. It can also help freeze bank and credit card accounts to prevent further misuse by criminals.
One of the best things about using some of our services is identity theft insurance of up to $1 million to cover your losses and legal costs, as well as an excellent fraud insurance policy with a US-based case manager to help you recover your losses. It includes a resolution team. Check out our tips and recommendations on how to protect yourself from identity theft.
Cart important points
With more than two months until 2024, we have witnessed countless data breaches affecting millions of Americans. This highlights how valuable data is and how little some companies do to protect it. Large companies with huge revenues struggle to implement even the most basic cybersecurity measures, effectively inviting cybercriminals to hack their systems. Change Healthcare fell into this trap by not implementing two-factor authentication, leaving everything from financial information to health data in the hands of criminals.
Do you think these companies are doing enough to protect your data, and do you think governments are doing enough to catch the people behind cyber attacks? Cyber Email us at guy.com/Contact.
For more of my tech tips and security alerts, visit Cyberguy.com/Newsletter and subscribe to my free CyberGuy Report newsletter.
Ask Kurt a question or let us know your story you'd like us to cover.
Follow Kurt on his social channels.
Answers to CyberGuy frequently asked questions:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.
