UnitedHealth Group, in another unfortunate turn of events, discovered that a large amount of its customers’ personal data was compromised by two recent cyberattacks, from which it is still recovering.
A review of the data is underway, and the company says it expects several months of analysis to be needed before it has “sufficient information… available to identify and notify affected customers and individuals.” However, the company has found no personal information such as medical records or complete medical histories among the affected data reviewed so far.
Change Healthcare, a subsidiary of UnitedHealth Group, was the victim of a ransomware attack on February 23which ultimately led to the company deciding to pay off the affiliate responsible for the BlackCat/ALPHV ransomware, after the US healthcare system fell into chaos.
THE enormity of the attack caught the attention of Washington, as Senate Homeland Security and Governmental Affairs Committee Chairman Sen. Gary Peters (D-Mich.) encouraged HHS to take all necessary steps to prevent such an attack happens again.
However, it didn’t stop there. The company he reportedly suffered another attack at the hands of RansomHub, which allegedly stole 4TB of company information, including financial data.
Now, in the wake of these new findings during its ongoing investigation and analysis, the company reported that many of its affected systems are on track to return fully operational again: 99% of pre-incident pharmacies are able to process claims , medical claims are progressing at near-normal levels and payment processing is at 86% of pre-incident levels. UnitedHealth Group also reports that it is in contact with law enforcement and regulatory authorities and is providing resources to affected customers http://changecybersupport.com.