Change Healthcare Data Breach Creates Industry Havoc – Puts Undisclosed Number Of Persons At Risk Of Identity Theft Featured
Massive data breach at patient payment service causing delays to prescription and health services across the country.
Who Is Change Healthcare?
Change Healthcare is part of health tech company Optum, which is owned by healthcare giant UnitedHealth Group as of 2022. Through its platform, Change processes patient payments for healthcare organizations across the country.
What Happened?
On February 29th 2024, Change Healthcare advised that the ransomware group known as ALPHV, or Blackcat, has claimed responsibility for the cyberattack on its systems that it first disclosed on February 21st. Change Healthcare also said it is continuing to assess the impact of the attack, only acknowledging that it has affected billing and care-authorization portals across the country. Rumors were circulating on March 4th that it the Company paid a ransom of $22 million dollars.
While little information is known about the cyberattack, the severity of the situation is still unfolding. One of the immediate impacts is that patients are seeing delays in getting their prescriptions. According the Change Healthcare spokesperson, most affected pharmacies are using workarounds like writing things down.
Hospitals across the country are also having issues with processing claims, billing patients and checking insurance coverage for care. The attack could also affect hospitals ability to pay workers and buy medicine and supplies.
Change stated that it has “multiple workarounds to ensure people have access to the medications and the care they need” and affirmed that Optum, UnitedHealthcare and UnitedHealth Group systems do not appear to be impacted.
“We are working on multiple approaches to restored the impacted environment and continue to be proactive and aggressive with all our systems, and if we suspect any issue with the system, we will immediately take action,” the notice continued.
What Information Was Obtained By The Hackers?
BlackCat claims that it exfiltrated 6 TB of data that “relates to all Change Health clients that have sensitive data being processed by the company.” The group claims to have exfiltrated data pertaining to Medicare, TriCare, CVS, MetLife, and more.
What is Change Healthcare Doing To Protect My Identity?
The company’s latest notice to customers states that “Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare’s systems. We are actively working to understand the impact to members, patients and customers.”
As of March 4, 2024, Change has not indicated if personal identifying or health information was stolen during the attack. However, given the amount of data exfiltrated, it would seem prudent for patients and customers to remain vigilant to that possibility.
If Change Healthcare determines that your personal information was involved in the attack, it will begin notifying affected individuals of what information was compromised in the breach. For more information about how you can minimize the risk for identity theft, please review these recommendations.
Protect Your Identity. Join the Change Healthcare data breach class action.
If you received a data breach notification from Change Healthcare/Optum/United Health Group, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you.
The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach recently announced by Change Healthcare.
Please complete the form shown on this page and a data breach attorney will contact you. There is no cost to you and no obligation on your part.