UnitedHealth Offers Sobering Post-Attack Update

We Keep you Connected

UnitedHealth Offers Sobering Post-Attack Update

UnitedHealth Group, in another unfortunate turn of events, has discovered that a large amount of its customers’ personal data was compromised by two recent cyberattacks, from which it is still recovering.

A data review is ongoing, and the company says it expects it to take several more months of analysis before it has “enough information … available to identify and notify impacted customers and individuals.” However, the company has not seen personal information like doctors’ charts or full medical histories among the impacted data it’s examined so far.

Change Healthcare, a subsidiary of UnitedHealth Group, fell victim to a ransomware attack on Feb. 23, ultimately leading to the company deciding to pay off the BlackCat/ALPHV ransomware affiliate responsible, after the US healthcare system fell into disarray. 

The enormity of the attack gained the attention of those in Washington, such as chairman of the Senate’s Homeland Security and Governmental Affairs Committee, Sen. Gary Peters (D-Mich.), who encouraged HHS to take whatever steps necessary to prevent such an attack from ever happening again.

However, it didn’t stop there. The company reportedly experienced another attack at the hands of RansomHub, which allegedly stole 4TB of company information, including financial data.

Now, in the wake of these new discoveries in its ongoing investigation and analysis, the company reported that many of its affected systems are on their way to being fully operational again: 99% of pre-incident pharmacies are able to process claims, medical claims are flowing at near-normal levels, and payment processing is at 86% of pre-incident levels. UnitedHealth Group also reports that it is in communication with law enforcement and regulators and is providing resources for impacted customers at http://changecybersupport.com