Change Healthcare confirms ransomware hackers stole medical records on a 'substantial proportion' of Americans

Zack Whittaker

Updated 21 June 2024 at 1:34 pm·3-min read

Change Healthcare has confirmed a February ransomware attack on its systems, which brought widespread disruption to the U.S. healthcare system for weeks and resulted in the theft of medical records affecting a "substantial proportion of people in America."

In a statement Thursday, Change Healthcare said it has begun the process of notifying affected individuals whose information was stolen during the cyberattack.

The health tech giant, owned by U.S. insurance conglomerate UnitedHealth Group, processes patient insurance and billing for thousands of hospitals, pharmacies and medical practices across the U.S. healthcare sector. As such, the company has access to massive amounts of health information on about a third of all Americans.

The cyberattack prompted the company to shut down its systems, resulting in outages and delays to thousands of healthcare providers who rely on Change, and affecting countless patients who could not obtain prescriptions or had medical care or procedures delayed.

Change said in its latest statement that it "cannot confirm exactly" what data was stolen about each individual, and that the information may vary from person to person.

The affected information includes personal information, such as names and addresses, dates of birth, phone numbers and email addresses, as well as government identity documents, such as Social Security numbers, driver licenses and passport numbers.

The data also includes medical records and health information, such as diagnoses, medications, test results, imaging and care and treatment plans, said Change. The hackers stole health insurance information, including plan and policy details, as well as billing, claims and payment information, which Change said includes financial and banking information.

Change said it was still in the "late stages" of its review of the stolen data to determine what was taken and that more affected individuals may be identified. Some of the stolen information may relate to guarantors who paid healthcare bills for someone else, the company said.

The company added that affected individuals should receive notice by mail beginning late July.

The ransomware attack on Change Healthcare stands as one of the largest-ever known digital thefts of U.S. medical records. While the full impact of this data breach remains unclear, the ramifications for the millions of Americans whose private medical information was irretrievably compromised are likely incalculable.

Change said it secured a copy of the stolen dataset in March to review for identifying and notifying affected individuals, which TechCrunch previously reported was obtained in exchange for paying a ransom demand.

UnitedHealth confirmed it paid at least one ransom demand to the cybercriminal group behind the ransomware attack, known as ALPHV, in an effort to prevent the publication of the stolen files. Another hacking group called RansomHub demanded an additional payment from UnitedHealth after claiming ALPHV made off with the first ransom payment but left the stolen data with one of its affiliates — essentially a contractor — who broke in and deployed the ransomware on Change's systems.

RansomHub subsequently published several files on its dark web leak site and threatened to sell the data to the highest bidder if another ransom wasn't paid.

According to UnitedHealth chief executive Andrew Witty, the hackers broke into Change Healthcare's network using a set of stolen credentials to an internal system that was not protected with multi-factor authentication, a security feature that makes it more difficult for malicious hackers to misuse stolen passwords.

The ransomware attack cost UnitedHealth around $870 million in the first three months of the year, during which the company made $100 billion in revenue, according to the company's earnings report. UnitedHealth is expected to report its most recent earnings in mid-July.

https://techcrunch.com/2024/04/30/uhg-change-healthcare-ransomware-compromised-credentials-mfa

AFP News
As ice melts, Everest's 'death zone' gives up its ghosts
On Everest's sacred slopes, climate change is thinning snow and ice, increasingly exposing the bodies of hundreds of mountaineers who died chasing their dream to summit the world's highest mountain.Sherpa said that bringing one body down from close to Lhotse's 8,516 metre peak -- the world's fourth-highest mountain -- had been among the hardest challenges so far.
The Independent
Boy, 14, was held down and hacked to death at Wyoming mall while he tried to protect his girlfriend
Dominique Antonio Richard Harris and Jarreth Plunkett, both 15, are accused of murdering 14-year-old Bobby Maher during fatal attack
BBC
China honours woman who died saving Japanese family
Hu Youping, a bus attendant, tried to restrain an assailant at a bus stop outside a Japanese school.
Associated Press
Indonesia detains 103 Taiwanese in a raid in Bali involving suspected cybercrime
Indonesian immigration authorities have detained 103 Taiwanese people after a raid at a villa on the resort island of Bali, officials said Friday. Godam said Indonesian authorities cannot charged them with conducting cybercrime.
Fortune
Departing Nvidia VP salutes Jensen Huang’s leadership, and pinpoints the 3 key principles he taught her
After 7 years of working for Nvidia’s CEO Jensen Huang, the chipmaker's outgoing VP said that her boss taught her about the importance of first principles thinking, zero-billion dollar markets and speed-of-light execution.
The Independent
Chinese woman who tried to shield Japanese mother and her child from bus stop knife attack dies
Japanese embassy in China lowers its flag to half mast to honour victim Hu Youping’s death
The Telegraph
South Korea is running out of children – and this country could be next
Every spring, when warm rays of sunshine herald the start of South Korea’s baking summer, fountains across Seoul’s central Gwanghwamun plaza suddenly burst into life, sending cooling jets of water into the air.
The Independent
Driver who crashed into Wimbledon school killing two girls will not face charges, having had an epileptic fit
The parents of two eight-year-old girls who died said ‘justice had never been done’ and the ruling was disappointing
CNN
US Air Force member charged with kidnapping and raping Japanese schoolgirl
Japanese prosecutors have charged a US Air Force member with allegedly kidnapping and raping an underage girl just before Christmas last year, Okinawa police confirmed to CNN on Wednesday.
Simply Wall St.
Three SGX Stocks Estimated To Trade At Discounts Between 42.5% And 45.3%
As the global financial landscape evolves, Singapore's market is uniquely positioned to capitalize on emerging trends such as the tokenisation of trade finance assets. This shift towards digital assets highlights a broader transformation in investment opportunities and market dynamics. In this context, identifying stocks that are potentially undervalued becomes crucial, as they may offer significant growth potential amidst these transformative economic conditions.
The Telegraph
Investors have no idea how exposed they are to the next market crash
Before we read too much into Nvidia’s £400bn share price slide, let’s put it in context.
The Smart Investor
4 Singapore Stocks Paying Out Dividends in July
We feature four Singapore stocks that are doling out dividends in July. The post 4 Singapore Stocks Paying Out Dividends in July appeared first on The Smart Investor.
CNN
Restaurants ban young customers, video captures massive sinkhole and a rare dinosaur find: Catch up on the day’s stories
CNN’s 5 Things PM brings you the stories you might have missed during your busy day.
People
Wife Accused of Spiking Husband's Mountain Dew with Weed Killer Told Cops, 'She Should Have Just Divorced Him'
Michelle Peters told police she was mad at her husband because he didn't appreciate the 50th birthday party she threw for him, court documents allege
The Independent
Texas executes man, 41, who committed murder as a teen then served as spiritual advisor to prison inmates
Ramiro Gonzales died by lethal injection and was pronounced dead at 6.50pm at the State Penitentiary in Huntsville
Barrons.com
Alibaba Stock Looks Poised for a Rally. Why China Trade Tensions Could Be a Catalyst.
Technical market indicators show Alibaba stock is primed for a rally that could shake shares in the Chinese tech giant out of their funk—if only there were a catalyst. Geopolitical tensions or trade talks could be the ticket, or a risk. Alibaba stock continues to languish, down more than 1% so far this year—badly lagging behind the index as well as Hong Kong’s benchmark—and sliding more than 8% in the past month.
NY Daily News
Migrant who shot NYPD cops says that’s ‘common practice’ back in Venezuela, prosecutors say
NEW YORK — A migrant accused of shooting and wounding two NYPD cops in Queens told authorities firing at police was “common practice” back home in Venezuela — although he claimed he didn’t mean to open fire, prosecutors said Wednesday. Bernardo Raul Castro Mata, who prosecutors say shot the officers after being caught zipping the wrong way down a one-way Queens street on a scooter back on June ...
The Independent
Uvalde school police chief indicted over mass shooting that left 19 children and two teachers dead
Uvalde police officers had wanted to enter the classrooms once they had protective shields but Pete Arredondo’s decision ‘overrode’ that action
BBC
US soldier charged in Japan for rape of minor
The case is likely to stoke the long-standing local opposition to US military presence.
The Telegraph
Driver who said giving police middle finger was free speech is awarded $175,000
A driver who was arrested for giving a police officer the middle finger has won a $175,000 (£138,000) settlement after arguing the gesture should be considered free speech.

Straits Times Index

Nikkei

Hang Seng

FTSE 100

Bitcoin USD

CMC Crypto 200

S&P 500

Dow

Nasdaq

Gold

Crude Oil

10-Yr Bond

FTSE Bursa Malaysia

Jakarta Composite Index

PSE Index

Change Healthcare confirms ransomware hackers stole medical records on a 'substantial proportion' of Americans

Latest stories

As ice melts, Everest's 'death zone' gives up its ghosts

Boy, 14, was held down and hacked to death at Wyoming mall while he tried to protect his girlfriend

China honours woman who died saving Japanese family

Indonesia detains 103 Taiwanese in a raid in Bali involving suspected cybercrime

Departing Nvidia VP salutes Jensen Huang’s leadership, and pinpoints the 3 key principles he taught her

Chinese woman who tried to shield Japanese mother and her child from bus stop knife attack dies

South Korea is running out of children – and this country could be next

Driver who crashed into Wimbledon school killing two girls will not face charges, having had an epileptic fit

US Air Force member charged with kidnapping and raping Japanese schoolgirl

Three SGX Stocks Estimated To Trade At Discounts Between 42.5% And 45.3%

Investors have no idea how exposed they are to the next market crash

4 Singapore Stocks Paying Out Dividends in July

Restaurants ban young customers, video captures massive sinkhole and a rare dinosaur find: Catch up on the day’s stories

Wife Accused of Spiking Husband's Mountain Dew with Weed Killer Told Cops, 'She Should Have Just Divorced Him'

Texas executes man, 41, who committed murder as a teen then served as spiritual advisor to prison inmates

Alibaba Stock Looks Poised for a Rally. Why China Trade Tensions Could Be a Catalyst.

Migrant who shot NYPD cops says that’s ‘common practice’ back in Venezuela, prosecutors say

Uvalde school police chief indicted over mass shooting that left 19 children and two teachers dead

US soldier charged in Japan for rape of minor

Driver who said giving police middle finger was free speech is awarded $175,000