UnitedHealth’s Change Healthcare Unit Suffers Largest Medical Data Breach in U.S. History, Impacting 190 Million Individuals
In February 2024, UnitedHealth’s Change Healthcare unit experienced a data breach, which was initially reported to have affected around 100 million individuals. However, the actual number of those affected is now confirmed to be significantly higher at 190 million. This breach is the largest in U.S. history, impacting nearly half of the country’s population.
The Consequences of a Massive Breach
The magnitude of this breach poses serious threats to the American people. If the stolen data finds its way to the dark web, malicious actors could exploit it for various attacks. From identity theft to targeted phishing attempts, the potential harm is immense.
Revised Figures and Notification Process
UnitedHealth recently confirmed that approximately 190 million people in the United States were affected by the ransomware attack on its Change Healthcare unit. The company had previously estimated the number of affected individuals to be around 100 million in its preliminary analysis. While the majority of those impacted have already been notified directly or through substitute notice, the final tally of affected individuals will be confirmed and submitted to the Office for Civil Rights at a later date.
Details of the Breach and Potential Misuse
UnitedHealth stated that, during their analysis, they have not seen electronic medical record databases appear in the data, and they are not aware of any misuse of individuals’ information as a result of the incident. However, the company did not disclose when they became aware of the additional 90 million victims, how the revised figure was determined, or what changes led to the updated number.
Disruptions and Stolen Data
The cyberattack on Change Healthcare caused widespread disruptions across the U.S. healthcare sector. The company had to take its systems offline to contain the breach, which impacted critical services such as claims processing, payments, and data sharing.
The stolen data varied by individual but included personal and sensitive information such as names, addresses, dates of birth, phone numbers, email addresses, and government ID numbers. Additionally, health-related information, including diagnoses, medications, test results, imaging records, care and treatment plans, and health insurance details, may have been accessed. Financial and banking information tied to claims and payment data was also reportedly compromised.
The Culprit and Security Gaps
The breach was the result of a ransomware attack carried out by ALPHV/BlackCat, a Russian-speaking ransomware and extortion group. The attack exploited inadequate security measures, particularly the absence of two-factor authentication, which could have protected Change Healthcare’s systems.
Protecting Yourself from the Fallout
Considering the scope of this breach, it is crucial to take precautions to protect oneself. Here are some steps you can take:
1. Remove your personal information from the internet: While complete data removal cannot be guaranteed, reputable data removal services can significantly limit your exposure by monitoring and erasing personal information from numerous websites and data brokers.
2. Be wary of mailbox communications: Scammers may use compromised addresses to send fraudulent letters. Always verify the authenticity of any communication before responding or taking action.
3. Be cautious of phishing attempts and use strong antivirus software: Scammers may target you with phishing attacks using your compromised email or phone number. Install strong antivirus software on all your devices to protect against such threats.
4. Monitor your accounts: Regularly check your bank accounts, credit card statements, and other financial accounts for unauthorized transactions or suspicious activity. Report any issues immediately.
5. Recognize and report Social Security scams: If your Social Security number is exposed, be aware of potential scams. Official communication regarding Social Security issues usually comes via mail, not phone calls or emails. Learn how to spot and report scams on the Social Security Administration’s website.
6. Invest in identity theft protection: Consider subscribing to an identity theft protection service that can monitor your personal information and alert you if it is being sold on the dark web or used to open fraudulent accounts. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use.
The Importance of Cybersecurity Measures
It is surprising that a company as large as UnitedHealth failed to implement basic cybersecurity measures when handling customer data. The breach affecting 190 million people highlights the urgent need for robust security practices. While the company continues to assess the breach’s full extent, individuals should remain cautious with unknown links or unsolicited calls, as bad actors may use various tactics to cause harm.
Are Companies and the Government Doing Enough?
Considering the frequency and scale of cyberattacks, it raises questions about whether companies are doing enough to protect customer data and whether the government is effectively pursuing those behind these attacks. Share your thoughts by reaching out to us at Cyberguy.com/Contact.
Stay Informed and Protected
To receive more tech tips and security alerts, subscribe to the free CyberGuy Report Newsletter at Cyberguy.com/Newsletter. You can also ask Kurt a question or suggest stories for coverage.
Follow Kurt on his social channels.
Remember, protecting your personal information and staying vigilant is crucial in today’s digital landscape.
