Change Healthcare is facing a new cybersecurity nightmare after one ransomware the group began selling what they claimed were sensitive financial and medical records of Americans Stolen from the healthcare giant.
“For most US individuals who are suspicious of us, we probably have your personal data,” the RansomHub team said in a message seen by WIRED.
According to screenshots, the stolen data is said to include medical and dental records, claims, insurance details, and personal information such as Social Security numbers and email addresses. RansomHub claims it has healthcare data on active duty US military personnel.
The widespread theft and sale of sensitive healthcare data is a dramatic new fallout from the February cyberattack on Change Healthcare that crippled claims-paying operations company and plunged the US healthcare system into crisis as hospitals struggled to stay afloat without regular funding. .
Change Healthcare, a subsidiary of UnitedHealth Group, previously admitted that a ransomware group called BlackCat or AlphV breached its systems and told WIRED last week that it was investigating RansomHub’s claims of possession of stolen company data. Change Healthcare did not immediately respond to a request for comment about the group’s alleged sale of its data.
The diverse amount of patient data that RansomHub claims to sell is a testament to Change Healthcare’s role as a vital intermediary between insurers and healthcare providers, facilitating payments between both parties and collect reams of sensitive information about patients and their medical procedures in the process.
Among the sample records RansomHub posted were a list of open complaints handled by the company’s EquiClaim subsidiary, including patient and provider names; Medical records of a 74-year-old woman in Tampa, Florida; and a portion of the database records relating to the health care of U.S. military personnel.
RansomHub said it will allow individual insurers that work with Change Healthcare and had their data breached to pay a ransom to prevent the sale of their records. It clearly states that it is selling the data of several major insurance companies.
“Change Healthcare’s handling of sensitive data across all of these companies is beyond belief,” RansomHub said in its announcement.
Brett Callow, a threat analyst at security firm Emsisoft who closely tracks ransomware groups, said the new sale of stolen data probably “has little to do with the actual sale of data.” ” which is more about placing Change Healthcare—and its partner companies with unsuccessful records. protection—“under more pressure to pay.”
Change Healthcare appears to have been paid $22 million ransom to AlphV to prevent it from leaking terabytes of stolen data.
Two months into the crisis caused by the ransomware attack, Change Healthcare has faced mounting losses. The company recently reported spent 872 million USD responded to the incident on March 31.
At the same time, Change is under increasing pressure from lawmakers and regulators to explain its cybersecurity lapses and the steps it is taking to prevent another hack.
A subcommittee of the House Energy and Commerce Committee held a hearing on the health sector’s cyber situation on Tuesday, with key lawmakers speak they did disappointed that UnitedHealth Group refused to send an executive to testify. And the Department of Health and Human Services is investigate whether the failure of Change Healthcare to prevent hackers from accessing and stealing your data that violates federal data security rules.
