Change Healthcare faces new cybersecurity nightmare after… ransomware the group has begun promoting what it claims are People’ confidential medical and monetary information. stolen from healthcare big.
“For almost all of People doubting us, we most likely have your private information,” the RansomHub gang mentioned in an advert seen by WIRED.
Based mostly on the screenshots, the stolen information allegedly contains medical and dental information, fee claims, insurance coverage info and private info akin to Social Safety numbers and electronic mail addresses. RansomHub mentioned it has well being information on active-duty US navy personnel.
The widespread theft and sale of delicate well being information represents a dramatic new type of fallout from the February cyberattack on Change Healthcare, which crippled the corporate’s claims-payment operations and plunged the U.S. well being care system into disaster as hospitals struggled to remain open with out common funding. .
Change Healthcare, a subsidiary of UnitedHealth Group, beforehand acknowledged {that a} ransomware gang referred to as BlackCat or AlphV hacked its techniques and advised WIRED final week that it was investigating RansomHub’s claims to have stolen firm information. Change Healthcare didn’t instantly reply to a request for touch upon the group’s proposed sale of its information.
The wide selection of affected person information that RansomHub claims to be promoting is a testomony to Change Healthcare’s position as a crucial middleman between insurers and healthcare suppliers, facilitating funds between each events and accumulating reams of delicate details about sufferers and their medical procedures within the course of. .
Among the many pattern information revealed by RansomHub is an inventory of open claims processed by the corporate’s subsidiary EquiClaim, which incorporates the names of sufferers and suppliers; hospital discharge from a 74-year-old girl in Tampa, Florida; and a portion of a database file referring to well being take care of U.S. navy personnel.
RansomHub mentioned it would permit particular person insurance coverage corporations that labored with Change Healthcare and whose information was compromised to pay a ransom to forestall their information from being bought. It clarified that the information being bought was owned by MetLife, CVS Caremark, Davis Imaginative and prescient, Well being Internet and Academics Well being Belief.
“Change Healthcare’s dealing with of delicate information for all of those corporations is unimaginable,” RansomHub mentioned in a press release.
Many of the corporations whose information RansomHub claims to personal didn’t instantly reply to WIRED’s request for remark.
Mike DeAngelis, govt director of company communications for CVS Well being, says the corporate is “conscious of unsubstantiated claims from risk actors that delicate information, together with private info of sufferers and members belonging to a number of organizations, was accessed as a part of the Change Healthcare cybersecurity incident ” “
“We’re intently monitoring Change Healthcare’s response to this subject and can present updates with further info as wanted,” DeAngelis provides, noting that Change Healthcare has not but confirmed that affected person information “was impacted by this incident.”
Brett Callow, a risk analyst at safety agency Emsisoft who intently tracks ransomware gangs, says the brand new sale of stolen information was possible “much less about really promoting the information” and extra about focusing on Change Healthcare – and accomplice corporations , whose information she was unable to reveal. defend – “underneath the extra stress of getting to pay.”
Change Healthcare seems to have paid $22 million ransom to AlphV to forestall terabytes of stolen information from leaking.
Two months into the ransomware disaster, Change Healthcare has suffered mounting losses. The corporate lately introduced spending $872 million responding to the incident as of March 31.
On the identical time, Change is underneath rising stress from lawmakers and regulators to clarify its cybersecurity lapses and the steps it’s taking to forestall one other hack.
On Tuesday, a subcommittee of the Home Power and Commerce Committee held a listening to on the cyber panorama of the well being care sector with key lawmakers. talking they have been upset that UnitedHealth Group refused to make one in all its executives obtainable to testify. And the Division of Well being and Human Providers investigation into whether or not Change Healthcare is a failure To stop hackers from accessing and stealing his information, they violated federal information safety rules.
Up to date April 16, 2024 5:38 pm ET: Added further particulars concerning the corporations whose information RansomHub claims to personal.