UnitedHealth says Change hackers stole well being knowledge on ‘substantial proportion of individuals in America’

Medical health insurance large UnitedHealth Group has confirmed {that a} ransomware assault on its well being tech subsidiary Change Healthcare earlier this 12 months resulted in an enormous theft of People’ personal healthcare knowledge.

UnitedHealth stated in a statement on Monday {that a} ransomware gang took information containing private knowledge and guarded well being data that it says could “cover a substantial proportion of people in America.”

The medical health insurance large didn’t say what number of People are affected however stated the info evaluation was “likely to take several months” earlier than the corporate would start notifying people that their data was stolen within the cyberattack.

Change Healthcare processes insurance coverage and billing for lots of of 1000’s of hospitals, pharmacies and medical practices throughout the U.S. healthcare sector; it has entry to large quantities of well being data on about half of all People.

UnitedHealth stated it had not but seen proof that docs’ charts or full medical histories have been exfiltrated from its techniques.

The admission that hackers stole People’ well being knowledge comes every week after a brand new hacking group began publishing portions of the stolen data in an effort to extort a second ransom demand from the corporate.

The gang, which calls itself RansomHub, revealed a number of information on its darkish net leak web site containing private details about sufferers throughout an array of paperwork, a few of which included inner information associated to Change Healthcare. RansomHub stated it could promote the stolen knowledge except Change Healthcare pays a ransom.

RansomHub is the second gang to demand a ransom from Change Healthcare. The well being tech large reportedly paid $22 million to a Russia-based prison gang known as ALPHV in March, which then disappeared, stiffing the affiliate that carried out the info theft out of their portion of the ransom.

RansomHub claimed in its publish alongside the revealed stolen knowledge that “we have the data and not ALPHV.”

In its assertion Monday, UnitedHealth acknowledged the publication of a few of the information however stopped wanting claiming possession of the paperwork. “This is not an official breach notification,” UnitedHealth stated.

The Wall Road Journal reported Monday that the prison hacking affiliate of ALPHV broke into Change Healthcare’s community using stolen credentials for a system that permits distant entry to its community. The hackers have been in Change Healthcare’s community for greater than every week earlier than deploying ransomware, permitting the hackers to steal vital quantities of information from the corporate’s techniques.

The cyberattack at Change Healthcare started on February 21 and resulted in ongoing widespread outages at pharmacies and hospitals throughout america. For weeks, physicians, pharmacies and hospitals couldn’t confirm affected person advantages for meting out medicines, organizing inpatient care, or processing prior authorizations obligatory for surgical procedures.

A lot of the U.S. healthcare system floor to a halt, with healthcare suppliers going through monetary stress as backlogs develop and outages linger.

UnitedHealth reported final week that the ransomware assault has value it greater than $870 million in losses. The corporate reported it made $99.8 billion in income throughout the first three months of the 12 months, faring higher than what Wall Road analysts had anticipated.

UnitedHealth CEO Andrew Witty, who obtained near $21 million in complete compensation the complete 12 months of 2022, is about to testify to House lawmakers on May 1.