Insurance company UnitedHealth Group is confirming a ransomware attack earlier this year affected the private data of over 100 million people. The figure was published in the US Department of Health and Human Services Office of Civil Rights (OCR) Breach Report on Thursday, making it the largest healthcare data breach on the list.
Hacker group Blackcat, also known as ALPHV, claimed responsibility for the February attack on Change Healthcare that caused widespread disruptions for healthcare providers processing bills, claims, payroll, and prescriptions for weeks.
According to the HHS FAQs page, Change Healthcare told OCR on October 22nd that it’s sent about 100 million individual notices regarding this breach.
Stolen information may include:
- Health insurance information (such as primary, secondary or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers);
- Health information (such as medical record numbers, providers, diagnoses, medicines, test results, images, care and treatment);
- Billing, claims and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made, and balance due); and/or
- Other personal information such as Social Security numbers, driver’s licenses or state ID numbers, or passport numbers.
As reported by Bleeping Computer, UnitedHealth CEO Andrew Witty’s written testimony (PDF) to a House committee said the threat actors got in by using stolen credentials for a Citrix remote access service that lacked multifactor authentication.
On February 12, criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops. The portal did not have multi-factor authentication. Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. Ransomware was deployed 9 days later.
UnitedHealth paid the group a $22 million ransom. However, another operation threatened to continue leaking the data and may have secured a second ransom payment.