Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Founder Sahil Lavingia says he was booted from Doge just 55 days later

May 28, 2025

Security Startup Horizon3.AI raises $100 million in new rounds

May 28, 2025

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Odyssey's new AI model streams 3D interactive worlds

    May 28, 2025

    Spotify amps up podcast discovery with new features

    May 28, 2025

    Google Photos debuts a redesigned editor using new AI tools

    May 28, 2025

    Family Safety App Life360 adds lost tile trackers a few years after the acquisition

    May 28, 2025

    Microsoft begins testing Copilot for games on Xbox apps for iOS and Android

    May 28, 2025
  • Crypto

    GameStop bought $500 million in Bitcoin

    May 28, 2025

    Vote for the session you want to watch in 2025

    May 26, 2025

    Save $900 + 90% from 2 tickets to destroy 2025 in the last 24 hours

    May 25, 2025

    Only 3 days left to save up to $900 to destroy the 2025 pass

    May 23, 2025

    Starting from up to $900 from Ticep, 90% off +1 in 2025

    May 22, 2025
  • Security

    Security Startup Horizon3.AI raises $100 million in new rounds

    May 28, 2025

    When fighting a security incident, he was hit by Victoria's secret halt.

    May 28, 2025

    Data broker giant LexisNexis says more than 364,000 personal information has been violated

    May 28, 2025

    Naukri has published the recruiter's email address, researchers say

    May 24, 2025

    Apple CEO reportedly urged the Texas governor to abandon the online child safety bill

    May 23, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    Founder Sahil Lavingia says he was booted from Doge just 55 days later

    May 28, 2025

    Confuse your 2025 agenda: Vote for your favorite session

    May 28, 2025

    Competing with incumbents with linear Christina Cordoba in the session: ai

    May 28, 2025

    We are planning a $100 billion VC fund to invest in startups in Europe and Asia

    May 28, 2025

    Ali Partovi and Russell Kaplan join StrictlyVc Menlo Park

    May 27, 2025
TechBrunchTechBrunch

As Change Healthcare outage drags on, fears grow that patient data could be compromised

TechBrunchBy TechBrunchMarch 9, 20247 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


A cyber attack on US health tech giant Change Healthcare has brought much of the US healthcare system to a standstill for the second week in a row.

Hospitals cannot verify insurance benefits for hospitalized patients, process prior authorizations for patient procedures or surgeries, or process billing for medical services. Pharmacies have struggled to decide how much to charge for prescriptions for patients who don't have access to their health insurance records, with some having to pay out of pocket for expensive drugs and others having to pay for expensive drugs out of pocket. I can't afford the cost.

Since Change Healthcare abruptly shut down its network on Feb. 21 to contain digital intruders, some smaller medical providers and pharmacies have struggled with their bills without steady reimbursement from insurance giants. The company is struggling to pay its staff and has warned that its cash reserves could dwindle. .

Change Healthcare's parent company, UnitedHealth Group, said in a government regulatory filing Friday that the company is making “significant progress” in restoring affected systems.

As the short-term impact of the ongoing outages on patients and healthcare providers becomes clearer, questions remain about the security of millions of people's sensitive medical information handled by Change Healthcare.

A prolific ransomware gang from Russia, which took credit for the cyber attack on Change Healthcare, has stored the personal medical data of millions of patients from the medical technology giant's systems, although it has not yet released evidence. He claimed that he had stolen from a large bank. In a new development, a ransomware gang seems to have faked its own demise and disappeared from the map after receiving millions of dollars worth of cryptocurrency ransoms.

When patient data is stolen, the impact on affected patients can be irreversible and lifelong.

Change Healthcare is one of the world's largest facilitators of health and medical data and patient records, processing billions of healthcare transactions annually. Since 2022, the health tech giant has been owned by UnitedHealth Group, the largest health insurance company in the United States. Hundreds of thousands of doctors and dentists across the United States, as well as tens of thousands of pharmacies and hospitals, use it to bill patients for health insurance benefits.

This size carries special risks. U.S. antitrust authorities allege that UnitedHealth has an unfair competitive advantage by having access to “approximately half of all American health insurance claims that pass through each year” The company filed a lawsuit to block its acquisition and merger with healthcare subsidiary Optum, but the lawsuit was unsuccessful.

Meanwhile, Change Healthcare has so far repeatedly denied whether patient data was compromised in the cyber attack. Still, medical professionals remain concerned that the data-related fallout from the cyber attack is still a long way off.

Amid concerns that the incident “resulted in a large-scale breach of patient and physician information,” the American Medical Association wrote in a March 1 letter to the U.S. government that “data privacy warned of serious concerns. According to reporters, AMA President Jesse Ehrenfeld said Change Healthcare said it was “not clear what data was compromised or stolen.”

The head of cybersecurity for a large U.S. hospital system told TechCrunch that while he is in regular contact with Change and UnitedHealth, he has not heard anything so far regarding the security or integrity of patient records. Ta. Cybersecurity chiefs have expressed alarm that hackers could publish stolen sensitive patient data online.

According to the person, communications with Change gradually escalated from hinting that data may have been compromised, to the point where multiple incident response companies were willing to conduct an active investigation, and how much data had been leaked. This suggests that it is only a matter of time before we find out whether the item was stolen. , and from whom. Customers will bear some of the burden of the hack, the person said, asking not to be named because he was not authorized to speak to the press.

Ransomware group carries out “exit scam”

Now, the hackers seem to have disappeared and the situation has become even more unpredictable.

UnitedHealth initially blamed the cyberattack on unspecified government-backed hackers, but later retracted that claim and blamed Russia-based ransomware and extortion cybercrime group ALPHV. ” (also known as the Black Cat). This group has unknown ties to the government. .

Ransomware and extortion gangs are financially motivated and typically employ dual extortion tactics, first scrambling the victim's data with file-encrypting malware and then swiping a copy for themselves. It threatens to publish the data online if the ransom demand is not paid.

On March 3, an affiliate of ALPHV/BlackCat (a de facto contractor that earns commissions from the ransomware gang's malware-based cyberattacks) posted on a cybercrime forum that ALPHV/BlackCat received revenue from its affiliates. I filed a complaint alleging that I had been defrauded. As first reported by the veteran security watchdog's DataBreaches.net, the affiliate company said in a post that the $22 million allegedly paid by Change Healthcare to decrypt files and prevent a data breach was The ransom money he claimed was stolen by ALPHV/BlackCat.

As proof of their claim, the affiliate provided the exact crypto wallet address that ALPHV/BlackCat allegedly used to receive the ransom two days ago. The wallet showed a single transaction worth $22 million in Bitcoin at the time of payment.

The affiliate added that despite losing some of the ransom money, the stolen data “is still in our hands,” and that the affected affiliate still has large amounts of confidential medical data that was stolen. and patient data.

UnitedHealth declined to confirm to reporters whether it had paid the ransom to the hackers, saying the company was focused on the investigation. A spokesperson for the company did not respond to a request from TechCrunch if it disputes reports that it paid a ransom to UnitedHealth.

By March 5th, the ALPHV/BlackCat website had disappeared. Researchers believe this is an exit scam. The hackers flee with their new wealth, never to be seen again, or go into hiding and later reform as a new gang.

The gang's dark web website was replaced with a splash screen disguised as a law enforcement seizure notice. In December, a global law enforcement operation destroyed some of ALPHV/BlackCat's infrastructure, but the gang returned and quickly began targeting new victims.But this time, security researchers i doubt it Rather than another legitimate takedown operation, the gang's own deception is at work.

A spokesperson for the UK National Crime Agency, which was involved in the first ALPHV/BlackCat sabotage operation last year, told TechCrunch that the ostensibly seized ALPHV/BlackCat websites “are not the result of NCA activity.” Other global law enforcement agencies also denied involvement in the group's sudden disappearance.

It is not uncommon for cybercriminal organizations to reorganize or rebrand as a way to combat reputational problems, something they do after being busted by law enforcement or profiting from the illegal profits of their affiliates.

Even if payment is made, there is no guarantee that the hacker will delete your data. Recent global law enforcement actions aimed at thwarting the large-scale LockBit ransomware campaign have shown that victims' data is not necessarily compromised, as the cybercrime organization claimed it would do if the ransom was paid. It turns out that I wasn't actually deleting the . Companies are starting to realize that paying a ransom does not guarantee the return of their files.

For those on the front lines of healthcare cybersecurity, the worst-case scenario is that stolen patient records become public.

The patient safety and financial implications of this will be felt for years to come, a hospital cybersecurity director told TechCrunch.

Do you work at Change Healthcare, Optum, or UnitedHealth and want to know more about cyberattacks? Contact us on Signal and WhatsApp (+1 646-755-8849) or email. You can also send files and documents via SecureDrop.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Security Startup Horizon3.AI raises $100 million in new rounds

May 28, 2025

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025

Data broker giant LexisNexis says more than 364,000 personal information has been violated

May 28, 2025

Naukri has published the recruiter's email address, researchers say

May 24, 2025

Apple CEO reportedly urged the Texas governor to abandon the online child safety bill

May 23, 2025

Artemis Seaford and Ion Stoica cover the ethical crisis in their sessions: AI

May 23, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Founder Sahil Lavingia says he was booted from Doge just 55 days later

May 28, 2025

Security Startup Horizon3.AI raises $100 million in new rounds

May 28, 2025

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.