Change Healthcare: Biggest data leak in the US healthcare sector
After a cyberattack on Change Healthcare earlier this year, there is now certainty. Medical data on almost a third of the US population was leaked.
(Image: LeoWolfert/Shutterstock.com)
Following a ransomware attack in February earlier this year, UnitedHealth Group confirms a data breach affecting more than 100 million people. At the beginning of May, UnitedHealth admitted that a third of the US population could have been affected by the incident. Now, the U.S. Department of Health and Human Services Office for Civil Rights has updated the total number of people affected on its data breach portal. This corresponds to 100 million affected Americans.
The stolen data includes insurance information, medical documents, payment data and social security numbers. The attackers exploited a security vulnerability at UnitedHealth subsidiary Change Healthcare [--] the largest payment service provider in the US healthcare sector.
As a result of an attack, the ransomware gang AlphV, also known as BlackCat, had captured around 6 terabytes of data and demanded ransom – according to Bleeping Computer . The incident also had a significant impact on patient care, doctors and pharmacists, as well as US military hospitals worldwide. Some patients had to make advance payments and pay high costs for medication themselves. Since the incident in February, many doctors and pharmacies have been unable to use UnitedHealth's systems.
Videos by heise
Change Healthcare offered those affected free identity protection and credit monitoring for two years after the attack became known. The company is also cooperating with cyber security experts and law enforcement agencies to investigate the incident.
After taking over unsecured servers
The attackers gained access via a server that was not secured using multi-factor authentication. This enabled the attackers to access the Citrix application for remote access to Change Healthcare's systems, as UnitedHealth CEO Andrew Witty stated in a hearing in the US Senate at the beginning of May.
He was not able to say why the attackers were able to penetrate the systems unnoticed for a week – The exact circumstances are still being investigated. After the takeover of Change Healthcare by UnitedHealth in 2022, the systems first had to be updated.
(mack)
