Security News > 2024 > March > US govt probes if ransomware gang stole Change Healthcare data
UnitedHealth Group confirmed in late February that Change Healthcare systems and services were shut down after a cyberattack by "Nation-state" hackers, which was later linked to the BlackCat ransomware gang.
Change Healthcare is the largest payment exchange platform used by doctors, healthcare providers, and patients in the U.S. healthcare system and by more than 70,000 pharmacies, while UHG has contracts with over 1.6 million health professionals and 8,000 healthcare facilities across all 50 U.S. states.
"OCR's investigation of Change Healthcare and UHG will focus on whether a breach of protected health information occurred and Change Healthcare's and UHG's compliance with the HIPAA Rules."
The investigation follows the BlackCat ransomware gang's claims that they stole 6TB of data from Change Healthcare's network belonging to "Thousands of healthcare providers, insurance providers, pharmacies, etc."
They said they stole source code for Change Healthcare solutions and sensitive information from many partners, including the U.S. military's Tricare healthcare program, the Medicare federal health insurance program, CVS Caremark, MetLife, Health Net, and many other healthcare insurance providers.
Ransomware gang claims they stole 6TB of Change Healthcare data.
News URL
Related news
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- Ransomware fiends boast they've stolen 1.4TB from US pharmacy network (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)
- US charges Phobos ransomware admin after South Korea extradition (source)
- Phobos ransomware administrator faces US cybercrime charges (source)
- Russian suspected Phobos ransomware admin extradited to US over $16M extortion (source)
- US government, energy sector contractor hit by ransomware (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)