Cyberattack Fallout: UnitedHealth Reveals Personal Data Breach Impact

 

As part of its ongoing data breach response, UnitedHealth Group has informed its subsidiaries, Change Healthcare, that they have recently experienced a data breach. Following the February cyberattack on its subsidiary Change Healthcare, UnitedHealth Group revealed on Monday that it had paid ransom to cyber threat actors to protect patient data. 

Additionally, the company confirmed that there was a breach of files with personal information that had been compromised. In the aftermath of the attack, Change Healthcare's payment processing service was affected, and other vital services such as prescription writing, payment processing, and insurance claims were adversely affected, affecting healthcare providers and pharmacies across the United States. 

It was reported that $872 million worth of financial damage had been sustained as a result of the cyberattack. On Monday, UnitedHealth Group announced that it had published an update about the status of its monitoring of the internet and dark web to determine if data had been leaked. The update was published along with leading external industry experts. 

There are many tools provided by Change Healthcare for managing the payment and revenue cycle. This company facilitates more than 15 billion transactions each year, and one in three patient records pass through the company's systems each year. 

UnitedHealth has revealed that 22 screenshots of compromised files, allegedly taken from the compromised files, had been uploaded to the dark web, which means even patients who are not UnitedHealth customers may have been affected by the attack. There has been no publication of any additional data by the company, and they have not seen any evidence that doctor's charts or full medical histories have been accessed in the breach. 

As part of its earlier ransomware attack on its subsidiary, Change Healthcare, UnitedHealth Group has revealed that the company has suffered a significant breach that has exposed private healthcare data from "substantially a quarter" of Americans. The Change Healthcare Group manages the insurance and billing for hospitals, pharmacies, and medical practices in the U.S. healthcare industry, which offers extensive health data on approximately half of all Americans, as well as providing insurance services to numerous hospitals, pharmacies, and medical practices. 

Considering the complexity and ongoing nature of the data review, it is likely to take several months to be able to identify and notify individuals and customers who have been affected by the situation. Rather than waiting until the completion of the data analysis process for the company to provide support and robust protections, the company is immediately providing support and robust protections as part of its ongoing collaboration with leading industry experts to analyze the data involved in this cyberattack. 

In May, The Record reported that UnitedHealth Group's CEO Andrew Witty will be expected to testify before a House panel regarding the ransomware attack. Two representatives of the House Subcommittee on Health testified at the hearing last week about the cyberattack. UnitedHealth Group failed to make anyone available during the hearing. 

UnitedHealth Group reported in March that it had spent $22 million on recovering data and systems encrypted by the Blackcat ransomware gang after paying the ransom. As a result of their attack on UnitedHealth in 2008, BlackCat was accused by a member of the gang known as "Notchy" of cheating them out of their ransom payment because they had UnitedHealth data. After all, they had conducted the attack and BlackCat had fallen into their trap. 

It was confirmed by researchers that the transaction was visible on the Bitcoin blockchain and that it had reached a wallet used by BlackCat hackers at the time the transaction was reported. The U.S. government launched an investigation about a week after the ransomware attack on Optum, investigating whether or not any health data had been stolen. 

On February 21, 2018, a cyberattack hit Change Healthcare, a subsidiary of UnitedHealth Group that is owned by Optum, a company that is a subsidiary of Optum. Due to this downtime, hospitals and physician groups across the country were unable to receive their claims payments from the company. Change has been working to restore connectivity to the provider network; however, delays in the submission and receipt of payments continue to affect provider revenue, despite the improvement in connectivity. 

There was "strong progress" being made by UnitedHealth in the restoration of its Change services during its status update on Monday. After the cyberattack on Change Healthcare, UnitedHealth Group has been vigilantly monitoring the internet and dark web to ensure that any sensitive data has not been exposed further on the internet and dark web. 

There has been an increase in external cybersecurity experts that the company has enlisted to enhance its monitoring capabilities. The company has also developed a group of advanced monitoring tools that search continuously for evidence of data misuse on the Internet and dark web, which allows it to identify and take action quickly when there is any evidence. 

UnitedHealth Group has developed expert cybersecurity partnerships which are intended to mitigate data breaches by collaborating with cybersecurity professionals. Furthermore, UnitedHealth Group's law enforcement and regulatory agencies, as well as other regulatory bodies, are constantly communicating with and cooperating with UnitedHealth Group.