UnitedHealth Group subsidiary, Change Healthcare, is notifying hospitals, insurers and other customers about potential exposure of patient information in a significant cyberattack that occurred in February. The attack targeted the company’s system and resulted in a ransomware attack that encrypted and froze portions of it. This led to disruptions in payment and claims processing nationwide.
The compromised information may include names, addresses, health insurance details, and personal data like Social Security numbers. Change Healthcare is currently conducting an investigation into the incident and plans to start informing individuals and patients about the attack in late July. CEO Andrew Witty assured that essential systems, such as claims payment and pharmacy processing, remain operational.
UnitedHealth reportedly paid a $22 million ransom in bitcoin following the attack. Fortunately, Change Healthcare has determined that over 90% of the affected files have been reviewed and found no evidence that doctors’ charts or complete medical histories were accessed by the hackers. As a precautionary measure, Change Healthcare is offering two years of credit monitoring and identity theft protection to individuals concerned about their information being compromised. The company continues to work on addressing the aftermath of the attack and ensuring the protection of customer and patient data.
