The Change Healthcare ransomware attack is believed to have affected around 100 million people earlier in 2024, new reports have confirmed.
The attack on Change Healthcare took place in February 2024 and is now considered the most disruptive ransomware attacks to ever hit the US healthcare industry, after the US Department of Health and Human Services Office for Civil Rights updated the number on its data breach portal. up to 100 million.
“On October 22, 2024, Change Healthcare notified OCR that approximately 100 million individual notices have been sent regarding this breach,” the Office for Civil Rights said on its FAQ page.
Snowflake and MFA
In the attack, a subsidiary of the dreaded ALPHV ransomware organization (AKA BlackCat) breached Change Healthcare to steal 6TB of sensitive customer data.
The stolen information included health insurance information (health plans and policies, insurance companies, various ID numbers, Medicaid-Medicare government payer ID numbers), health information (medical record numbers, diagnoses, tests and results, care and treatment records, medications), billing, claim, and payment information (claim numbers, account numbers, payment cards, financial and banking information, and more) and other personally identifiable information (social security numbers, driver’s license numbers, and more).
Change Healthcare ultimately paid a $22 million ransom in exchange for the data. The money never made it to the affiliates responsible for the attack, but was instead seized by the ransomware’s operators (who would only receive a portion of the payment). These later shut down the infrastructure and disappeared, leaving the affiliated partner with the data.
That affiliate later started their own ransomware operation and is known today as RansomHub – and since RansomHub never posted the stolen data, many speculate that a second ransom may have been paid.
The cyberattack disrupted the entire healthcare system, preventing doctors and pharmacies from submitting claims and pharmacies from accepting discount cards.
Via BleepingComputer