Change Healthcare is starting to notify hospitals, insurers and other customers that they may have had patient information exposed in a massive cyberattack.
The company also said Thursday that it expects to begin notifying individuals or patients in late July.
Change Healthcare, a subsidiary of health care giant UnitedHealth Group, provides technology used to submit and process billions of insurance claims a year. Hackers gained access in February to its system and unleashed a ransomware attack that encrypted and froze large parts of it.
The attack triggered a disruption of payment and claims processing around the country, stressing doctor's offices and health care systems by interfering with their ability to file claims and get paid.
Change says names, addresses, health insurance information and personal information like Social Security numbers may have been exposed in the attack. The company is still investigating.
It said Thursday that it has reviewed more than 90% of impacted files and has seen no signs that doctors' charts or full medical histories were taken.
After the attack, UnitedHealth paid a $22 million ransom in bitcoin, CEO Andrew Witty has said.
Witty said during Congressional hearings last month that all of the company's core systems, including claims payment and pharmacy processing, were functional.
The company has been offering to pay for two years of credit monitoring and identity theft protection for people worried that their information may have been exposed in the attack.
© 2024 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
Citation: Change Healthcare to start notifying customers who had data exposed in cyberattack (2024, June 21) retrieved 21 June 2024 from https://techxplore.com/news/2024-06-healthcare-notifying-customers-exposed-cyberattack.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.