Change Healthcare is beginning to notify hospitals, insurers, and other customers about potential exposure of patient information in a significant cyberattack. The attack, which occurred in February, targeted the company’s system and resulted in a ransomware attack that encrypted and froze portions of it. This led to disruptions in payment and claims processing nationwide.
As a subsidiary of UnitedHealth Group, Change Healthcare processes billions of insurance claims annually using its technology. The company stated that it plans to start informing individuals and patients about the attack in late July. The compromised information may include names, addresses, health insurance details, and personal data like Social Security numbers. Change Healthcare is currently conducting an investigation into the incident.
Fortunately, the company has determined that over 90% of the affected files have been reviewed and found no evidence that doctors’ charts or complete medical histories were accessed by the hackers. UnitedHealth reportedly paid a $22 million ransom in bitcoin following the attack. CEO Andrew Witty assured that essential systems, such as claims payment and pharmacy processing, remain operational.
In response to the cyberattack, Change Healthcare is offering two years of credit monitoring and identity theft protection to individuals concerned about their information being compromised. The company continues to work on addressing the aftermath of the attack and ensuring the protection of customer and patient data.