A huge data breach at one of the country’s leading health insurance providers could mean that your personal information has been compromised. Let’s take a look and see what your options are.
Data Breach Bombshell
On Monday, UnitedHealth Group announced that hackers had managed to invade their systems in February and stole protected health information (PHI) and personally identifiable information (PII) from “a substantial proportion of people in America.”
Missing Pieces
This is a massive cybersecurity breach. However, the company clarified that they hadn’t seen any evidence of doctors’ charts or complete medical histories in the data.
2015’s Massive Breach
The country’s largest healthcare data breach happened in February 2015 and affected almost 80 million people. Experts are warning that this latest leakage could be the largest on record, involving even more people.
“A Substantial Proportion” of Americans Affected
At the time of the February data breach, Rick Pollack, CEO and President of the American Hospital Association, said, “The Change Healthcare cyberattack is the most significant and consequential incident of its kind against the U.S. healthcare system in history.”
Federal Mandates
Federal regulations require UnitedHealth Group to release an official breach notification, which will be sent to every customer. However, Monday’s announcement was not an official notification, as the company is waiting to gather enough information about the attack.
Months-Long Wait for Full Data Report
According to UnitedHealth, a full report on the leaked data will take months to complete.
Details of UnitedHealth’s Security Breach
It all began when UnitedHealth suffered a ransomware cyberattack on their Change Healthcare system back in February.
A Hostage Situation
In a ransomware attack, a hacker basically holds a computer system hostage – typically requiring a ransom to be paid or else private data will be leaked.
System Paralysis
This hack crippled the company’s pharmacy and medical claims services, which made it a challenge for providers to process insurance claims and handle billings.
Claims and Billings Crisis
Change Healthcare processes 15 billion transactions a year, so the fallout from being unable to access the system was immediate and extensive.
Impact Beyond UnitedHealth Insured
Even patients who don’t have insurance through UnitedHealth may have been affected, as hospitals and doctors struggled with cash-flow issues brought on by the downed systems – some of which are still down today.
Prescription Chaos and Administrative Mayhem
Patients struggled to fill prescriptions, and administrative hell began for hospitals and clinics, which couldn’t file claims or payments from insurers.
Weeks Before Detection
According to the Wall Street Journal, hackers had breached the system over a week before they were detected. They managed to sneak in using stolen credentials for a system that lets users log in remotely.
Ransom Payment
In a bid to regain access to Change Healthcare, UnitedHealth paid the hackers ransom of around $18 million “as part of the company’s commitment to do all it could to protect patient data from disclosure.”
Dark Web Exposé
While UnitedHealth Group managed to regain control of Change Healthcare, screenshots of people’s data began cropping up on the dark web.
Data Leaks and Screenshots
“There were 22 screenshots, allegedly from exfiltrated files, some containing PHI and PII, posted for about a week on the dark web by a malicious threat actor. No further publication of PHI or PII has occurred at this time,” UnitedHealth Group wrote in a news statement.
Scale of Theft
According to reports, the group behind the hack claimed they had stolen 8 terabytes of sensitive data from Change Healthcare. According to the group, this included information on active military personnel, as well as other patient’s medical records, payment information, social security numbers, and more.
CEO’s Pledge Amid Data Fears
In a statement, CEO of UnitedHealth Group Andrew Witty said, “We know this attack has caused concern and been disruptive for consumers and providers, and we are committed to doing everything possible to help and provide support to anyone who may need it.”
Vigilance on the Internet’s Dark Corners
UnitedHealth is currently monitoring the internet and dark web “to determine if data has been published.”
Financial Toll of Cyberattack
The hack is estimated to have cost UnitedHealth between $1.3 billion and $1.6 billion this year alone.
What Can You Do?
So, what exactly are your options if you’re worried about your data?
Resources for Affected Individuals
Well, UnitedHealth is offering free credit monitoring and identity theft protection for anyone worried, which will last for two years. They’ve launched a dedicated website with information on how to sign up and other resources, and they’ve also created a dedicated call center for any inquiries.
Limited Details from Ongoing Data Review
The call center comes with a condition, however, that “Given the ongoing nature and complexity of the data review, the call center will not be able to provide any specifics on individual data impact at this time.”
UnitedHealth’s Continuing Efforts
This breach at UnitedHealth Group is a big deal, potentially affecting a lot of people across the country. While they’re working on solutions and offering support, the full extent of the damage and who’s affected is still being investigated.
21 States Where Squatters Can Legally Claim Your Property
Discover how squatters’ rights, or adverse possession, are more than just legal jargon—they’re stories of unexpected twists in the world of real estate. From sunny California to the historical landscapes of Pennsylvania, here’s how these laws could turn the tables on homeowners and squatters alike. 21 States Where Squatters Can Legally Claim Your Property
14 Things That Are Banned in the U.S. but Totally Fine Elsewhere
Ever feel like America’s rulebook was written by someone with a dartboard? Across the pond or down under, things get even wackier. Let’s take a walk on the wild side of global “Do’s” that are definite “Don’ts” in the Land of the Free. 14 Things That Are Banned in the U.S. but Totally Fine Elsewhere
25 American States Nobody Wants to Visit Anymore
Across the United States, some states capture the hearts and itineraries of many, while others remain quietly on the sidelines, overshadowed or misunderstood. These 25 states, facing what you might call a popularity crisis, are brimming with hidden wonders, cultural riches, and natural beauty, awaiting those willing to look beyond the usual tourist trails. 25 American States Nobody Wants to Visit Anymore
20 Foods That Are Cheaper to Eat Out Than Making at Home
In a world where convenience often wins, certain culinary delights come with a lower price tag when enjoyed at a restaurant rather than crafted in your own kitchen. Here are twenty foods that might save you both time and money when indulged in at your favorite eatery. 20 Foods That Are Cheaper to Eat out Than Making at Home
17 Things You’re Paying For, but You Don’t Have To
In the land of the free, there’s a price tag on everything, but savvy Americans know better than to open their wallets for just anything. Here are 17 expenses you’ve been shelling out for without realizing there’s a cheaper or even free alternative. 17 Things You’re Paying For, but You Don’t Have To
The post Medical Data at Risk: UnitedHealth Breach Raises Concerns first appeared on From Frugal to Free.
Featured Image Credit: Shutterstock / Poetra.RH.
The content of this article is for informational purposes only and does not constitute or replace professional financial advice.
