UnitedHealth Group: Patient data compromised despite paying ransomware

Mike Heuer

April 23, 2024 at 3:39 PM·2 min read

UPI — UnitedHealth Group officials on Monday announced a February cyberattack compromised an unknown number of Change Healthcare customers despite paying a ransom. Photo by Justin Lane/EPA-EFE

April 23 (UPI) -- Officials for Minnesota-based UnitedHealth Group on Monday said the health insurance and services provider paid a ransom to protect patients' data, but many personal files were breached in a recent cyberattack.

Cyber criminals targeted subsidiary Change Healthcare in February, and UnitedHealth Group paid an undisclosed ransom amount, corporate officials announced in a news release Monday.

The cyberattack compromised the personal healthcare data of many Americans, NBC News and TechCrunch reported.

"We know this attack has caused concern and been disruptive for consumers and providers," UnitedHealth Group CEO Andrew Witty said. "We are committed to doing everything possible to help and provide support to anyone who may need it."

Witty said it will take several months for UnitedHealth Group to continually analyze the data breach to identify those whose personal data was compromised and notify them.

The analysis includes monitoring the dark web and Internet to see if anyone's breached data was published. It also is utilizing information from 22 screenshots of alleged personal health and identity information that were published for about a week on the dark web by a "malicious actor," UnitedHealth Group officials said.

Corporate officials are communicating with law enforcement while undertaking the extended analysis to determine the full extent of data breached by the cyberattack.

UnitedHealth Group officials said the corporation "has made continued strong progress restoring services impacted by the event" and "prioritized the restoration of services that impact patient access to care or medication."

Medical claims processing and pharmacy services are nearly at normal levels, and payment processing for Change Healthcare is at about 86% of its normal levels and improving daily, UnitedHealth Group officials said.

The healthcare provider in February identified the BlackCat ransomware gang as the perpetrators of the cyberattack.

Investigators with the Department of Health and Human Services in March began investigating the cyberattack.

TechCrunch
UnitedHealth data breach should be a wake-up call for the UK and NHS
The ransomware attack that has engulfed U.S. health insurance giant UnitedHealth Group and its tech subsidiary Change Healthcare is a data privacy nightmare for millions of U.S. patients, with CEO Andrew Witty confirming this week that it may impact as much as one-third of the country. As one of the largest healthcare companies in the U.S., UnitedHealth is well known domestically, intersecting with every facet of the healthcare industry from insurance and billing and winding all the way through the physician and pharmacy networks -- it's a $500 billion juggernaut, and the 11th largest company globally by revenue.
TechCrunch
UnitedHealthcare CEO says 'maybe a third' of US citizens were affected by recent hack
Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty, the CEO of Change Healthcare’s parent company UnitedHealth Group, said that the stolen files include the personal health information of “a substantial proportion of people in America.” On Wednesday, during a House hearing, when pushed to give a more definitive answer, Witty testified that the breach impacted “I think, maybe a third [of Americans] or somewhere of that level.”
TechCrunch
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
UnitedHealth Group Chief Executive Officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company’s systems exposed to the internet in response to the recent cyberattack against its subsidiary Change Healthcare. The lack of multi-factor authentication was at the center of the ransomware attack that hit Change Healthcare earlier this year, which impacted pharmacies, hospitals and doctors' offices across the United States. Multi-factor authentication, or MFA, is a basic cybersecurity mechanism that prevents hackers from breaking into accounts or systems with a stolen password by requiring a second code to log in.
TechCrunch
Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO
The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company's systems that weren't protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG). UnitedHealth CEO Andrew Witty provided the written testimony ahead of a House subcommittee hearing on Wednesday into the February ransomware attack that caused months of disruption across the U.S. healthcare system. This is the first time the health insurance giant has given an assessment of how hackers broke into Change Healthcare's systems, during which massive amounts of health data were exfiltrated from its systems.
TechCrunch
Despite recent successes, IPO market still won't fully open until 2025
"I don't think we will have the floodgates open like I might have thought," Greg Martin, co-founder and managing director at Rainmaker Securities, told TechCrunch. Jeremy Glaser, a lawyer and co-chair of Mintz's venture capital and emerging companies practice, said that despite how the recent IPOs have performed thus far, people need more data than just a few weeks, or a month, of trading to feel confident. Klaviyo is currently trading at a $5.94 billion market cap, down from its $9.2 billion IPO price.
TechCrunch
Sprinklr lays off more than 100 employees
Sprinklr, a U.S. firm offering a customer experience management platform to global brands, has laid off about 3% of its workforce — around 116 people — to realign its customer operations team, the company confirmed to TechCrunch in a statement. The New York-headquartered company, which counts Microsoft, Samsung, P&G and over 60% of the Fortune 100 companies globally as customers, started notifying affected employees in markets including the U.S. and India about its decision on Thursday, TechCrunch exclusively learned and confirmed with the company through an email. "Sprinklr made the strategic business decision to realign our headcount across our customer operations organization," a company spokesperson said.
TechCrunch
TechCrunch Minute: Spotify’s move to paywall lyrics is putting pressure on free users
Spotify's slow movement to put lyrics behind its paid service wall in its music service are about as popular as you would expect. Precise details of the update are evolving but what we can say at this point is that it seems that Spotify has a new feature up its sleeve to try and get free users to convert to is paid service. Sure, it's a little weird that Spotify is going to start putting information that is freely available online behind a paid wall, but the company is in a slightly difficult position today.
Engadget
X is using Grok to publish AI-generated news summaries
X is using Grok to publish AI-generated summaries of news and other topics that trend on the platform.
Autoblog
Study: These are the most expensive vehicles to drive per mile
iSeeCars' data showed that electric vehicles dominated the list of the most expensive vehicles to drive. Here's why.
Yahoo Tech
'I'm never concerned it'll fall': This top-selling phone mount is just $20 at Amazon
More than 95,000 people use this to keep their eyes on the road, instead of on their phones.
Yahoo News
Southeast Texas flooding: photos capture water rescues of people and pets and severe damage to homes
Southeast Texas has been hit with heavy rains and rising rivers, leading to school closings, high-water rescues and mandatory evacuation orders in some areas. Here's a look at the situation unfolding in the region through photos.
TechCrunch
EQT snaps up API and identity management software company WSO2 for more than $600M
WSO2, a company that provides API management and identity and access management (IAM) services for enterprises, has been acquired by Swedish investment giant EQT. Terms of the deal were not disclosed, but TechCrunch has learned via sources that the deal values WSO2 at "more than" $600 million, with EQT attaining a "significant majority" stake for the price. WSO2's products include an open source API manager, comparable to something like Google's Apigee, which businesses use for building and integrating all their digital services, either in the cloud or on-premises.
Yahoo Personal Finance
How to remove FHA mortgage insurance and lower your payments
FHA mortgage insurance removal is possible if you refinance or qualify for cancellation. Find out if you’re eligible to remove FHA mortgage insurance.
Yahoo Sports
MLB and Nike announce adjustments to player uniforms for 2025 season
MLB and Nike are making changes to the player uniforms for the 2025 season. The uniforms have faced heavy criticism for a variety of issues, including small lettering and discoloration from sweat.
Yahoo Life
Busy Philipps opens up about her mental health journey and ADHD diagnosis: 'Why is this so hard for me?'
"I allowed it to make me feel bad about myself and tell myself stories about my intelligence and my capabilities," says the actress, who was diagnosed with ADHD at 39.
TechCrunch
Three things we learned about Apple's AI plans from its earnings
Apple CEO Tim Cook didn't give much away about the company's AI plans on Thursday's Q2 earnings call with investors, but he did confirm a few tidbits about how the tech giant plans to move forward with artificial intelligence. Notably, his comments suggested that despite spending more than $100 billion on R&D over the last five years, Apple isn't planning to spin up too many new data centers to run or train AI models. While we've known this for some time — after all, Apple has been calling its M3 MacBook Airs the "best consumer laptop for AI" — the company shouted out how AI is being used across its products on its earnings call.
TechCrunch
X launches Stories, delivering news summarized by Grok AI
X, formerly Twitter, is now using Elon Musk's AI chatbot Grok to power a feature that summarizes the personalized trending stories in the app's Explore section. See what the world is talking about with Stories on X, curated by @grok.
TechCrunch
Fisker stiffed the engineering firm developing its low-cost EV and pickup truck, lawsuit claims
Henrik Fisker stood on a stage last August and proudly debuted two prototypes designed to catapult his eponymous EV startup Fisker into the mainstream. There was the Pear, a low-cost EV meant for the masses, and the Alaska, Fisker’s entry into the red-hot pickup truck market. In the weeks that followed, Fisker stopped paying the engineering firm that helped develop those vehicles, according to a previously-unreported lawsuit filed in federal court this week.
Autoblog
The 10 cheapest cars to drive per mile in 2024
A new iSeeCars study found that hybrids offer a much lower cost per mile than other fuel types.
Engadget
Redfall’s two DLC heroes are still MIA a year later
Microsoft may want to be more careful about leaving a trail of broken promises when games don’t go as planned. A year after Redfall landed with a thud, players are still waiting for the advertised post-launch DLC they already paid for.

News

Life

Entertainment

Finance

Sports

New on Yahoo

UnitedHealth Group: Patient data compromised despite paying ransomware

Recommended Stories

UnitedHealth data breach should be a wake-up call for the UK and NHS

UnitedHealthcare CEO says 'maybe a third' of US citizens were affected by recent hack

UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack

Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO

Despite recent successes, IPO market still won't fully open until 2025

Sprinklr lays off more than 100 employees

TechCrunch Minute: Spotify’s move to paywall lyrics is putting pressure on free users

X is using Grok to publish AI-generated news summaries

Study: These are the most expensive vehicles to drive per mile

'I'm never concerned it'll fall': This top-selling phone mount is just $20 at Amazon

Southeast Texas flooding: photos capture water rescues of people and pets and severe damage to homes

EQT snaps up API and identity management software company WSO2 for more than $600M

How to remove FHA mortgage insurance and lower your payments

MLB and Nike announce adjustments to player uniforms for 2025 season

Busy Philipps opens up about her mental health journey and ADHD diagnosis: 'Why is this so hard for me?'

Three things we learned about Apple's AI plans from its earnings

X launches Stories, delivering news summarized by Grok AI

Fisker stiffed the engineering firm developing its low-cost EV and pickup truck, lawsuit claims

The 10 cheapest cars to drive per mile in 2024

Redfall’s two DLC heroes are still MIA a year later