UnitedHealth Group Investigates Claims of Leaked Data from Change Healthcare Ransomware Attack

UnitedHealth Group investigates claims of leaked data from recent ransomware attack on Change Healthcare, highlighting the growing threat of ransomware and the need for robust cybersecurity measures in healthcare.

author-image
Trim Correspondents
New Update
UnitedHealth Group Investigates Claims of Leaked Data from Change Healthcare Ransomware Attack

UnitedHealth Group Investigates Claims of Leaked Data from Change Healthcare Ransomware Attack

UnitedHealth Group, the parent company of Change Healthcare, is currently investigating claims that a cybercrime group has leaked data online that was stolen in the recent ransomware attack on Change Healthcare. The attack, which was first disclosed nearly two months ago, prevented many U.S.-based healthcare facilities from processing claims and receiving payments for several weeks.

According to UnitedHealth Group, there is no evidence of any new cyber incident at Change Healthcare. The company is working with law enforcement and outside experts to investigate the claims and understand the extent of potentially impacted data. The alleged data extortion attempt may be the second time UnitedHealth has been asked to pay a ransom demand in connection with the Change Healthcare attack.

The impacts of the Change Healthcare attack cost UnitedHealth Group $872 million during the first quarter of the year, including direct response costs and business disruption impacts. The company also noted that cash flows were affected by approximately $3 billion due to its cyberattack response actions , including funding acceleration to care providers.

A ransomware group called Ransomhub has published data allegedly stolen from Change Healthcare in an effort to pressure the company into paying a second extortion demand. UnitedHealth Group reportedly already paid $22 million to another ransomware group, ALPHV, which initially claimed to be behind the Change Healthcare breach. However, ALPHV allegedly absconded with the $22 million and did not distribute any money to Ransomhub, which now claims it is responsible for the breach.

Ransomhub is giving UnitedHealth three days to respond or it plans on auctioning off the information to the highest bidder. UnitedHealth Group has not confirmed the legitimacy of the published data or if it paid the first $22 million ransom.

Why this matters: The Change Healthcare ransomware attack has had a significant impact on the U.S. healthcare system, disrupting claims processing and payments for many facilities. The potential sale of stolen patient data by cybercriminals raises serious concerns about privacy and security in the healthcare industry. This incident highlights the growing threat of ransomware attacks and the need for robust cybersecurity measures to protect sensitive information.

Cybersecurity experts have reassured that there are no further leaks after the recent ransomware attack on Change Healthcare. However, they warn that the likelihood of multiple extortions and the sale of stolen data is likely to increase as ransomware-as-a-service becomes more common. Possible victims of the attack are advised to take precautions against identity theft and fraud, as the stolen data may be sold to the highest bidder.

Key Takeaways

  • UnitedHealth investigating claims of leaked data from Change Healthcare ransomware attack.
  • Change Healthcare attack cost UnitedHealth $872M, disrupted healthcare claims processing.
  • Ransomhub group claims responsibility, demands ransom, threatens to auction stolen data.
  • UnitedHealth reportedly paid $22M ransom to another group, ALPHV, who absconded with the money.
  • Stolen patient data raises privacy concerns, experts warn of increased extortion attempts.