A significant data breach at Change Healthcare, a health payment processing company owned by UnitedHealth, has compromised the personal information of a substantial number of Americans. The breach, which occurred in February, is only now coming to light as affected individuals receive notification letters.
Key Takeaways
- Change Healthcare experienced a data breach in February, affecting a large number of Americans.
- The breach involved sensitive information, including Social Security numbers, health records, and financial data.
- Change Healthcare is offering free credit monitoring and identity theft protection for two years to those affected.
What Happened?
In February, hackers breached Change Healthcare, a company that handles billing and insurance for many health systems, including hospitals, medical offices, and pharmacies. The breach was linked to a Russian-based ransomware group. On February 21, Change Healthcare began taking steps to stop the hack, but not before a substantial quantity of data was stolen.
Data Compromised
The data compromised in this cyberattack is extensive and includes:
- Names and dates of birth
- Addresses, phone numbers, and email addresses
- Health insurance member and group ID numbers, and Medicare payor ID numbers
- Health information, including medical record numbers, diagnoses, test results, medicines, and treatment
- Billing and claim information, including billing codes and claim numbers, as well as balance due
- Payment information, including financial and banking information and payment cards
- Social Security numbers
- Driver’s licenses, state ID numbers, and passport numbers
Change Healthcare has stated that the information involved was not the same for every impacted individual and that they cannot confirm exactly what data has been affected for each person.
Notifications and Immediate Actions
Change Healthcare has started sending out letters to people whose data was impacted by this cyberattack. The company began sending written letters via mail on July 29 and continues to send out notices as it identifies affected individuals. However, the company notes that it may not have proper mailing addresses for all impacted individuals, so even if you didn’t receive a letter, there’s a chance you were part of the data breach.
Protecting Your Data
Due to the widespread impact of this data breach, Change Healthcare is offering free credit monitoring and identity theft protections for two years to anyone who believes they may have been impacted. Here are some steps you can take to protect your data:
- Monitor Your Credit Reports and Financial Accounts: Look for anything unusual.
- Freeze Your Credit Accounts: This can help protect your credit.
- Monitor Healthcare Explanation of Benefits Statements: Check for anything that looks off.
- Change Passwords: Update passwords on key accounts, including your Social Security login.
- Use Password Managers: Tools like 1Password can store your passwords and create extra-secure ones.
- Set Up Multifactor Authentication: This adds an extra layer of security to your accounts.
Conclusion
The Change Healthcare data breach is a stark reminder of the vulnerabilities in our digital infrastructure. By taking proactive steps, you can better protect your personal information and mitigate the risks associated with such breaches.
Be the first to comment