UnitedHealth Group has released an update concerning the cyberattack on Change Healthcare, admitting a data breach and warning that it may impact a substantial proportion of the American population.
According to a press release published yesterday, preliminary investigations have identified files containing sensitive patient information, although there is no evidence suggesting the theft of comprehensive medical records. The company's CEO, Andrew Witty, has expressed commitment to supporting affected individuals and ensuring the swift recovery of services.
The cyberattack has potentially impacted a significant portion of the American population's protected health information (PHI) or personally identifiable information (PII). UnitedHealth Group notes that despite this, it has not found any proof of complete medical histories or doctors’ charts being stolen.
To assist those affected, UnitedHealth Group has launched a dedicated website and call center, providing free credit monitoring and identity theft protection services for two years. The call center, which also has trained clinicians on hand, will not provide details on individual data impacts yet due to the ongoing investigation.
The company continues to collaborate with leading external industry experts to monitor and analyze the compromised data. This includes keeping an eye on the internet and dark web, where 22 screenshots containing PHI and PII were briefly posted. While no further data dissemination has been reported, the company is taking proactive steps to ensure the confidentiality and security of the affected data.
Some media report that the healthcare organization opted to pay a ransom, while also disclosing that the attackers were in the corporate networks for nine days before they launched the catastrophic attack.
UnitedHealth service restoration progress
In terms of service restoration, Change Healthcare has made significant strides. Pharmacy services have nearly returned to normal, with 99% of pharmacies processing claims as usual. The majority of medical claims are being processed at near-normal rates as well.
Payment processing capabilities are at 86% of pre-incident levels and improving. Additionally, about 80% of Change Healthcare's major platforms and products have had their functionality restored, with complete system recovery expected in the coming weeks.
UnitedHealth Group is also addressing the broader implications of the cyberattack by offering to handle notifications and related administrative tasks on behalf of other stakeholders whose data may have been compromised.
For those potentially affected by the cyberattack, it is advisable to stay vigilant and make use of the resources offered by UnitedHealth Group, such as credit monitoring and consulting the dedicated support services. Regularly updating passwords and monitoring account statements can also help in preventing further unauthorized access.
Chinese Hackers Breached Into German Carmaker VW for Five Years
Leave a Reply