Data Stolen From Change Healthcare Ransomed In Second Attack
News outlets report on what cybersecurity experts had warned may happen in the aftermath of the recent attack on Change Healthcare: an alliance between cybercriminals. The alleged second ransom effort centers on 4TB of personal data on Change patients, which a new group threatens to release.
The Register:
Second Ransomware Gang Says It’s Extorting Change Healthcare
Change Healthcare is allegedly being extorted by a second ransomware gang, mere weeks after recovering from an ALPHV attack. RansomHub claimed responsibility for attacking Change Healthcare in the last few hours, saying it had 4 TB of the company's data containing personally identifiable information (PII) belonging to active US military personnel and other patients, medical records, payment information, and more. The miscreants are demanding a ransom payment from the healthcare IT business within 12 days or its data will be sold to the highest bidder. (Jones, 4/8)
SC Media:
Change Healthcare Breach Data May Be In Hands Of New Ransomware Group
“This comes as no surprise. We had previously outlined this scenario in our blog post, foreseeing the potential for such alliances in the cybercriminal ecosystem,” Ngoc Bui, a cybersecurity expert at Menlo Security, told SC Media in an email. “The involvement of a middleman, typical in ransomware-as-a-service (RaaS) attacks, adds another level of complexity and risk. It complicates the direct line of negotiation and payment to the threat actors with the data that was stolen.” RansomHub began a countdown of just over 12 days for UnitedHealth to make a ransom payment before the dataset is sold. (French, 4/8)
USA Today:
How To Check If Your Health Data Was Breached? See Our Database
More than 144 million Americans' medical information was stolen or exposed last year in a record-breaking number of health care data breaches, a USA TODAY analysis of Health and Human Services data found. (Garzella, 4/9)
USA Today:
What To Do If Your Health Information Has Been Breached: 3 Vital Steps
Health care data breaches soared to record-breaking levels in 2023, fueled by a surge in ransomware attacks and increased targeting of the third-party vendors hospitals and other health care providers use. Exposure of protected health information and personally identifiable information can put patients at risk of identity theft or insurance fraud. “Be careful not to share sensitive information over e-mail, text messages or other communication paths that might not be so secure,” said Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center. (Garzella, 4/9)
Healthcare IT News:
Senators' Letter Demands Accountability From UHG
Senators Josh Hawley (R-Missouri) and Richard Blumenthal (D-Connecticut) announced Friday that they wrote to UnitedHealth Group Chief Executive Officer Andrew Witty asking a series of questions relating to what they called UHG's lack of "sufficient redundancy to prevent an outage," a timeline of events relating to the February 21 ransomware attack and how UHG is filling the revenue gap providers are experiencing The senators requested responses by April 15. (Fox, 4/8)
In related news —
KFF Health News:
After Public Push, CMS Curbs Health Insurance Agents’ Access To Consumer SSNs
Until last week, the system that is used to enroll people in federal Affordable Care Act insurance plans inadvertently allowed access by insurance brokers to consumers’ full Social Security numbers, information brokers don’t need. That raised concerns about the potential for misuse. (Appleby, 4/9)
