In the February breach at Change Healthcare, threat actors accessed the private health information of more than 100 million people, the U.S. Civil Rights Bureau announced Oct. 22; This is the largest healthcare data breach ever reported to federal regulators.

The hack, information about which was disclosed in June, may affect many people one third Americans. It has proven to be one of the most significant cyberattacks of this year and shows how ransomed data can lead to physical harm, such as delayed delivery of essential medicines.

LOOK: Nation-state attackers may look for: “Target-rich, cyber-poor” organizations Like public infrastructure or health care, said CISA consultant Nicole Perlroth.

What was the Change Healthcare cyberattack?

In February, Change Healthcare’s parent company, UnitedHealth Group, I learned introduced by an attacker ransomware Change Healthcare systems. The ALPHV group, sometimes called BlackCat, claimed responsibility for the breach.

In March, Change Healthcare found that attackers accessed its systems between February 17 and 20. The company hired “leading cybersecurity and data analytics experts.” Mandiant Staff among them analyzed the data set and obtained a copy of the stolen records. United Healthcare released a more comprehensive statement about the incident in April.

One A hearing on the issue will be held in the Senate in May.UnitedHealth Group CEO Andrew Witty said the company paid a $22 million ransom in Bitcoin to release the stolen data.

cyber security experts I do not recommend paying ransom Because it rewards threat actors, can cause serious financial harm to the business, and does not guarantee the return of data. US government considers controversial idea prohibition ransom payments.

Change Healthcare said it could not determine what data was affected for each individual. The stolen data generally included:

• Name and surname, address, date of birth, telephone number and e-mail.
• Health information such as diagnoses, medical record numbers, images, and test results.
• Billing, claims and payment information
• Social Security numbers, driver’s licenses or other personal information that may be associated with medical records, such as state identification numbers or passport numbers.

No complete medical history or doctor’s charts were found among the stolen data.

The attack delayed prescription deliveries and business interruption impact 705 million dollars. Overall, Change Healthcare’s financial outlook for next year is lower than expected.

Change Healthcare offers resources to affected customers

United Healthcare said the investigation into the attack is still ongoing but in its final stages.

The company is still sending notifications to those affected. Change Healthcare offers two years of free credit monitoring and identity theft protection services from IDX to eligible customers. They provided “trained clinicians to provide emotional support services.” private call center. The call center cannot provide information about what specific data may have been exposed from individual accounts.

United Healthcare recommends affected patients monitor their bank accounts and health insurance statements. Unusual activity should be reported to financial institutions or healthcare providers as appropriate.

Ransomware attacks on healthcare have far-reaching consequences

Cyberattacks on healthcare data are a perfect storm of potentially lucrative random opportunities for threat actors and increased distrust among affected customers. If operations are interrupted, patients may lose access to necessary medications and care may be delayed.

In May, there was a ransomware attack on the Ascension hospital system. slowed down maintenance. Around the same time, the U.S. Healthcare Advanced Research Projects Agency announced: intention to invest More than $50 million in tools for information technology professionals in hospital environments to improve their cybersecurity.