{"id":24373,"date":"2024-04-23T07:10:11","date_gmt":"2024-04-23T15:10:11","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/04\/23\/news-18103\/"},"modified":"2024-04-23T07:10:11","modified_gmt":"2024-04-23T15:10:11","slug":"news-18103","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/04\/23\/news-18103\/","title":{"rendered":"&#8220;Substantial proportion&#8221; of Americans may have had health and personal data stolen in Change Healthcare breach"},"content":{"rendered":"\n<p>UnitedHealth Group has <a href=\"https:\/\/www.unitedhealthgroup.com\/newsroom\/2024\/2024-04-22-uhg-updates-on-change-healthcare-cyberattack.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">given an update<\/a> on the February <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/02\/change-healthcare-outages-reportedly-caused-by-ransomware\">cyberattack on Change Healthcare<\/a>, one of its subsidiaries. In the update, the company revealed the scale of the breach, saying:<\/p>\n<blockquote class=\"wp-block-quote\">\n<p>\u201cBased on initial targeted data sampling to date, the company has found files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America.\u201d<\/p>\n<\/blockquote>\n<p>UnitedHealth also announced support for affected people.<\/p>\n<p>On Wednesday February 21, 2024, Change Healthcare experienced serious system outages due to the cyberattack. The incident led to widespread billing outages, as well as disruptions at pharmacies across the United States.<\/p>\n<p>The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the worst ransomware attacks against American healthcare and caused widespread disruption in payments to doctors and health facilities.<\/p>\n<p>Despite the ongoing investigation, which expectedly will take several more months of detailed analysis, UnitedHealth said it had decided to immediately provide support. The company says it continues to monitor the regular web and <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2021\/09\/what-is-the-dark-web-the-dark-web-explained\">the dark web<\/a> for any published data.<\/p>\n<p>The chief executive of UnitedHealth Group, Andrew Witty, is <a href=\"https:\/\/therecord.media\/unitedhealth-ceo-andrew-witty-testimony-house-subcommittee\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">expected<\/a> to testify in Congress in May about the matter. Meanwhile the company says it has made strong progress restoring services impacted by the event and is prioritizing the restoration of services that impact patient access to care or medication.<\/p>\n<p>Affected people can visit a dedicated website at <a href=\"http:\/\/changecybersupport.com\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">changecybersupport.com<\/a> to get more information, or call 1-866-262-5342 to set up free credit monitoring and identity theft protection.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-protecting-yourself-from-a-data-breach\">Protecting yourself from a data breach<\/h2>\n<p>There are some actions you can take if you are, or suspect you may have been, the <a href=\"https:\/\/www.malwarebytes.com\/blog\/personal\/2023\/09\/involved-in-a-data-breach-heres-what-you-need-to-know\">victim of a data breach<\/a>.<\/p>\n<ul>\n<li><strong>Check the vendor&#8217;s advice.<\/strong> Every breach is different, so check with the vendor to find out what&#8217;s happened, and follow any specific advice they offer.<\/li>\n<li><strong>Change your password.<\/strong> You can make a stolen password useless to thieves by changing it. Choose a&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/computer\/how-to-create-a-strong-password\" target=\"_blank\">strong password<\/a>&nbsp;that you don&#8217;t use for anything else. Better yet, let a&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/what-is-password-manager\" target=\"_blank\">password manager<\/a>&nbsp;choose one for you.<\/li>\n<li><strong>Enable two-factor authentication (2FA).<\/strong> If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/glossary\/multi-factor-authentication-mfa\" target=\"_blank\">two-factor authentication (2FA)<\/a>&nbsp;can be phished just as easily as a password. 2FA that relies on a FIDO2 device can\u2019t be phished.<\/li>\n<li><strong>Watch out for fake vendors.<\/strong> The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.<\/li>\n<li><strong>Take your time.<\/strong> Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.<\/li>\n<li><strong>Set up identity monitoring.<\/strong> <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">Identity monitoring<\/a> alerts you if your personal information is found being traded illegally online, and helps you recover after.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\" id=\"h-check-your-digital-footprint\">Check your digital footprint<\/h2>\n<p><span>Malwarebytes has a new free tool for you to check how much of your personal data has been exposed online. Submit your email address (it\u2019s best to give the one you most frequently use) to our\u00a0<\/span><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">free Digital Footprint scan<\/a><span>\u00a0and we\u2019ll give you a report and recommendations.<\/span><\/p>\n<div class=\"wp-block-malware-bytes-button mb-button\" id=\"mb-button-7ba16f0b-04e8-4679-9512-2f21a0971dcf\">\n<div class=\"mb-button__row u-justify-content-center\">\n<div class=\"mb-button__item mb-button-item-0\">\n<p class=\"btn-main\"><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint?utm_source=blog&amp;utm_medium=social&amp;utm_campaign=b2c_pro_acq_fy25dfplaunch_171269600960&amp;utm_content=V1\"><\/a><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">SCAN NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<p><strong>We don&#8217;t just report on threats &#8211; we help safeguard your entire digital identit<\/strong>y<\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family&#8217;s\u2014personal information by using <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">identity protection<\/a><\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/04\/substantial-proportion-of-americans-may-have-had-health-and-personal-data-stolen-in-change-healthcare-breach\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> UnitedHealth has made an announcement about the stolen data in the ransomware attack on subsidiary Change Healthcare. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[26819,3921,32,26699,25945,19131,31304,30958],"class_list":["post-24373","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-alphv","tag-identity-theft","tag-news","tag-personal","tag-phi","tag-pii","tag-ransomhub","tag-unitedhealth"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24373","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24373"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24373\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24373"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24373"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24373"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}