UnitedHealth paid ransom in Change Healthcare cyberattack, says patient data was compromised
Source: NBC News
April 23, 2024, 11:24 AM EDT / Source: CNBC.com
UnitedHealth Group on Monday said it paid ransom to cyberthreat actors to try to protect patient data, following the February cyberattack on its subsidiary Change Healthcare. The company also confirmed that files containing personal information were compromised in the breach.
This attack was conducted by malicious threat actors, and we continue to work with the law enforcement and multiple leading cyber security firms during our investigation, UnitedHealth told CNBC in a statement. A ransom was paid as part of the companys commitment to do all it could to protect patient data from disclosure.
The company did not specify the ransom payment amount.
UnitedHealth, which has more than 152 million customers, said it has also determined that the cyberthreat actors accessed files containing protected health information and personally identifiable information, according to a release Monday. The files could cover a substantial proportion of people in America, the release said.
Read more: https://www.nbcnews.com/health/health-care/change-healthcare-ransom-cyberattack-patient-data-rcna148959
Link to UnitedHealth PRESS RELEASE - UnitedHealth Group Updates on Change Healthcare Cyberattack
erronis
(15,328 posts)russian/norks/chinese/trump. They're all crooks.
UHC should be slapped upside the head and fined $100B for supporting putin and other despots. But they're "Too Big To Fail", again.
moniss
(4,274 posts)wants my info and they promise me about how secure their systems are I just say "Sure.......until they're not." Then when it all blows up in their face they can offer "credit monitoring". Big deal. Many of us have been doing that for years already.
infullview
(982 posts)They probably got hacked through an admin login that infected their software update system. It makes the crypto virus look like an update and distributes it to the servers. The reason you dont ever pay the ransom is: even after your files are decrypted, a virus is left behind in the server. The cure is not clean. The only right way, is to restore from clean backups, and that assumes they had a good backup system in place to give them a recent up to the hour recovery.
Miguelito Loveless
(4,473 posts)as that is the rage these days. My BIL worked for over 15+ years as the head of IT for a large commercial real estate developer, and when the CEO retired, the new CEO immediately instituted cost containment measures which involved firing the entire IT department, and outsourcing the job.
infullview
(982 posts)I just lost my job because the company that bought us outsourced development. They kept me on long enough to have me write the data export SQL scripts then jettisoned me. I was doing both IT and development.