US govt probes if ransomware gang stole Change Healthcare data

The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late February.
This investigation is coordinated by HHS' Office for Civil Rights, which enforces the Health Insurance Portability and Accountability Act rules that protect patients' health information from being disclosed without their knowledge or consent.
Change Healthcare is the largest payment exchange platform used by doctors, healthcare providers, and patients in the U.S. healthcare system and by more than 70,000 pharmacies, while UHG has contracts with over 1.6 million health professionals and 8,000 healthcare facilities across all 50 U.S. states.
Even though UHG has brought some of the impacted systems back online after the crippling February ransomware attack, the resulting outage is still impacting operations across the U.S. healthcare industry, with the company estimating that it will be able to revive its payments platform on March 15 and medical claims network and software on March 18.
They said they stole source code for Change Healthcare solutions and sensitive information from many partners, including the U.S. military's Tricare healthcare program, the Medicare federal health insurance program, CVS Caremark, MetLife, Health Net, and many other healthcare insurance providers.
Sensitive data stolen from Change Healthcare's compromised systems allegedly includes information on millions of people, such as PII data, medical records, insurance records, dental records, payment information, claims information, and PII data of active U.S. military/navy personnel.
Earlier this month, BlackCat ransomware shut down in an exit scam amidst claims that they stole the $22 million ransom paid by Optum to the operator behind the Change Healthcare attack.
This wouldn't be unusual since BlackCat is believed to be a rebrand of the DarkSide and BlackMatter ransomware operations, with the former also shutting down after their attack on Colonial Pipeline in May 2021.
The ransomware affiliate behind the attack claims that they still have Change Healthcare's stolen data, indicating they may attempt to extort the company again.
The FBI says this ransomware gang raked in at least $300 million in ransoms from over 1,000 victims until September 2023, while the U.S. State Department now offers up to $15 million for tips that could help locate BlackCat gang leaders and anyone linked to the group's attacks.
BlackCat ransomware turns off servers amid claim they stole $22 million ransom.
Ransomware gang claims they stole 6TB of Change Healthcare data.
UnitedHealth subsidiary Optum hack linked to BlackCat ransomware.
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 13 Mar 2024 20:25:26 +0000


Cyber News related to US govt probes if ransomware gang stole Change Healthcare data

US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
7 months ago Bleepingcomputer.com
Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
6 months ago Bleepingcomputer.com
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
9 months ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
5 months ago Techtarget.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
9 months ago Cybersecuritynews.com
Norton Healthcare discloses data breach after May ransomware attack - Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and ...
10 months ago Bleepingcomputer.com
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
7 months ago Malwarebytes.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
9 months ago Darkreading.com
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
7 months ago Therecord.media
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
5 months ago Esecurityplanet.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
8 months ago Cysecurity.news
Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
6 months ago Wired.com
Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
10 months ago Helpnetsecurity.com
Pharmacy Delays Across US Blamed on Nation-State Hackers - Change Healthcare, a technology services provider for pharmacies, experienced a cyberattack from a suspected nation-state threat actor that has created widespread delays for patients who need prescription refills across the US. Change Healthcare is a ...
8 months ago Darkreading.com
Transforming in the Age of Healthcare Digitalization - Healthcare and technology increasingly intersect in today's world, and cybersecurity has become a primary concern for many companies. The recent attack on Change Healthcare serves as a harsh reminder of the vulnerabilities facing the healthcare ...
4 months ago Cyberdefensemagazine.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
Health Care Network in Crisis: Cyberattack Shuts Down Operations Across US - In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in St. Louis with 140 hospitals across 19 states, it was also reported that electronic health records, some phone systems, as well as several systems used to ...
5 months ago Cysecurity.news
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com
Best Network Security Providers for Healthcare - The exponential growth of Electronic Health records, telemedicine, and interconnected medical devices creates a complex healthcare ecosystem demanding robust network security. Network security providers specializing in healthcare offer a ...
5 months ago Cybersecuritynews.com
The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
10 months ago Bleepingcomputer.com
Capital Health attack claimed by LockBit ransomware, risk of data leak - The LockBit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. Capital Health is a primary healthcare service ...
9 months ago Bleepingcomputer.com
Atlas Healthcare Confirms Data Breach Affecting Residents' Social Security Numbers - On October 14, 2023, Atlas Healthcare provided notice of a recent data breach after learning that an unauthorized actor was able to access the company's computer system. In this notice, Atlas explains that the incident resulted in an unauthorized ...
11 months ago Jdsupra.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)