Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Medical Data. Show all posts

UnitedHealth Claims Data of 100 Million Siphoned in Change Healthcare Breach

 

UnitedHealth has acknowledged for the first time that over 100 million people's personal details and healthcare data were stolen during the Change Healthcare ransomware assault, making it the largest healthcare data breach in recent years. 

During a congressional hearing in May, UnitedHealth CEO Andrew Witty warned that the attack had exposed "maybe a third" of all Americans' medical data.

A month later, Change Healthcare issued a data breach notification, stating that the February ransomware assault had exposed a "substantial quantity of data" for a "substantial proportion of people in America.” 

Last week, the U.S. Department of Health and Human Services Office for Civil Rights data breach portal increased the overall number of affected people to 100 million, marking the first time UnitedHealth, Change Healthcare's parent company, published an official number for the breach. 

Change Healthcare has sent out data breach alerts since June stating that a huge amount of sensitive information was stolen during the February ransomware assault, including: 

  • Health insurance information (including primary, secondary, or other health plans/policies, insurance firms, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers); 
  • Health information (such as medical record numbers, providers, diagnoses, medications, test results, images, care, and therapy); 
  • Personal information may include billing, claims, and payment information, as well as Social Security numbers, driver's licenses, state ID numbers, and passport numbers.

The information may differ for each person, and not everyone's medical history was disclosed. 

Change healthcare breach 

This data breach was prompted by a February ransomware attack on UnitedHealth subsidiary Change Healthcare, which resulted in severe outages across the US healthcare system. 

The disruption to the company's IT systems prevented doctors and pharmacists from filing claims, as well as pharmacies from accepting discount prescription cards, forcing patients to pay full price for their drugs.

The attack was carried out by the BlackCat ransomware group, also known as ALPHV. They used stolen credentials to get access to the company's Citrix remote access service, which did not have multi-factor authentication activated. 

During the attack, threat actors took 6 TB of data and ultimately encrypted network devices, forcing the organisation to shut down IT infrastructure in order to prevent the attack from propagating further.

UnitedHealth Group acknowledged paying a ransom to get a decryptor and have the threat actors delete the stolen data. The alleged ransom payment was $22 million, according to the BlackCat ransomware subsidiary that carried out the attack.

This ransom payment was meant to be shared between the affiliate and the ransomware operation, but the BlackCat abruptly stopped down, taking the entire payment and committing an exit scam. 

However, this was not the end of Change Healthcare's issues, since the affiliate claimed to still have the company's data and did not delete it as agreed. The affiliate collaborated with a new ransomware operation known as RansomHub and began releasing some of the stolen data, demanding an additional payment for the data not to be leaked.

The Change Healthcare entry on RansomHub's data breach site inexplicably removed a few days later, suggesting that UnitedHealth paid a second ransom demand. 

UnitedHealth said in April that the Change Healthcare ransomware assault resulted in $872 million in losses, which were included in Q3 2024 earnings and are estimated to total $2.45 billion for the nine months ending September 30, 2024.

UnitedHealth's Cyberattack Should Serve as a 'Wake-up Call' for HealthCare Sector

 

The US Health and Human Services Department (HHS) announced Tuesday that it would assist doctors and hospitals in locating alternate claims processing platforms to help restart the flow of business following a cyberattack on a UnitedHealth Group (UNH) subsidiary that crippled operations of a large swath of America's health systems for the past two weeks. 

On February 21, a cyberattack paralysed Change Healthcare, which hospitals, doctors' offices, and pharmacies use to handle payments and prior authorizations for patient visits and medicines.

United gave a lengthy status update Tuesday afternoon, stating that the attack was carried out by BlackCat, a well-known Russian-backed ransomware outfit. 

The FBI was aware of BlackCat, also known as ALPHV, and was successful in breaching the group at the end of last year, but was unable to put it down. BlackCat has previously targeted a number of healthcare companies. It claimed to have collected up to 6 gigabytes of data during the last attack, and that it received $22 million in bitcoin, a transaction visible on the blockchain, but it is still being determined where it came from. 

Based on the most recent statistics, 90% of claims are still being processed for health providers, and pharmacies should be fully operational by Thursday, UHG explained in a statement Tuesday.

Additionally, the company noted, "We've made progress in providing workarounds and temporary solutions to bring systems back online in pharmacy, claims and payments." 

While smaller systems that rely heavily on Change Healthcare are suffering, larger systems with many vendors or the financial capacity to quickly switch to another provider are less affected. 

"This may be the first of its kind, where an outage at the interoperability layer weakens the capacity of the system to function," stated Aneesh Chopra, former US chief technology officer and currently co-founder and president of CareJourney, a healthcare analytics company. "This is a wake-up call on the need for redundancy in systems so we have backup options when a particular vendor goes down.” 

Third-party risks 

Tech platforms have had difficulty allowing their software to interact with each other and provide seamless connectivity for health systems due to regulations safeguarding patient data. However, newer products have made interoperability easier to achieve, which also makes them more susceptible to attacks. 

United's attack makes sense for that reason because it choked off a key mechanism in the inner workings of the system. The change enables several healthcare system companies to handle payments and claims. For example, CVS (CVS) reports that 25% of its claims are processed using Change.

This is in stark contrast to earlier attacks that target specific organisations, such as insurance and hospitals, and affect only one aspect of the system. 

United is also a tempting target because its Optum brand comprises Optum Financial, a different division of UHG that operates a number of payment systems.

Orrick Data Breach: Law Firm Dealing with Data Breaches Hit by One


An international law firm assists businesses impacted by security events has experienced a cyberattack, where it compromised the sensitive health information of hundreds of thousands of data breach victims. 

Orrick, Herrington & Sutcliffe, the San Francisco-based company revealed last week that that during an attack in March 2023, threat actors stole personal information and critical health data of more than 637,000 data breach victims.

Orrick said that the hackers had taken massive amounts of data from its systems related to security incidents at other organizations, for which he provided legal assistance, in a series of letters notifying those impacted of the data breach.

Orrick informs that the data involved in the breach involved its customers’ data, including those with dental policies with Delta Dental, a major healthcare insurance network that covers millions of Americans' dental needs, and those with vision plans with insurance company EyeMed Vision Care.

The company further added that it had contacted with the U.S. Small Business Administration, the behavioral health giant Beacon Health Options (now Carelon), and the health insurance provider MultiPlan that their data was also exposed in Orrick's data breach.

Apparently, the stolen data includes victims’ names, dates of birth, postal address and email addresses, and government-issued identification numbers, such as Social Security numbers, passport and driver license numbers, and tax identification numbers. Also, information about patient’s medical treatment and diagnosis details, insurance claim like date and service-charges, and healthcare insurance numbers and provider details have been compromised. 

Orrick further says that credit or debit card details as well as online account credentials were also involved in the breach. 

Since the initial announcement of the breach, the number of affected individuals have been on the rise. In its recent breach notice, Orrick states that it “does not anticipate providing notifications on behalf of additional businesses,” however the company did not specify how it came to this conclusion. 

Orrick said in December to a federal court in San Francisco that it reached a preliminary settlement to end four class action lawsuits that claimed Orrick failed to disclose the breach from victims for months after it had occurred.

“We are pleased to reach a settlement well within a year of the incident, which brings this matter to a close, and will continue our ongoing focus on protecting our systems and the information of our clients and our firm,” added Orrick’s spokesperson.  

Future Health: AI's Impact on Personalised Care in 2024

 



As we dive into the era of incorporating Artificial Intelligence (AI) into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised treatment approaches, and streamlined administrative processes. Casting our gaze forward to 2024, the influence of AI on patient care is increasingly palpable, with the seamless fusion of technology and healthcare charting a collaborative course toward a future marked by synergy. 

AI's influence is particularly notable in diagnostics, where healthcare professionals leverage its ability to interpret intricate health data. Unlike traditional methods, AI systems analyse diverse datasets, providing a more comprehensive understanding of a patient's health. Recent regulatory recommendations from the World Health Organization (WHO) highlight the global recognition of AI's significance in healthcare, emphasising effective integration, patient safety, and data privacy. 

The concept of personalised medicine, tailoring treatments to individual patients, is evolving with AI playing a crucial role. AI's ability to process and analyse diverse patient data, including genetic details and lifestyle factors, is propelling the development of highly individualised treatment plans. This shift marks a pivotal moment in healthcare, promising a future where care is not only more precise but also tailored to the nuanced needs of individuals. 

In the next three years, trends in AI healthcare use cases are expected to shape the industry. Natural Language Processing (NLP) and Conversational AI will aid in symptom checking and triage, while virtual assistants guide patients and improve automated scheduling. Integrating omics data with Electronic Health Records (EHRs) and wearable device data will enhance patient phenotyping. Stringent regulations on AI, particularly in medical devices, are anticipated in the U.S. and Europe. The evolving role of AI in targeted diagnostics and personalised care simplifies data structuring, empowering healthcare professionals to focus on quality care. 

However, the widespread adoption of AI in daily clinical practice poses a critical challenge. The true potential of AI in healthcare can only be realised when medical professionals collaborate with these technologies, leveraging unique human skills and cognitive function. Those embracing this partnership are poised to harness AI's full potential, offering a glimpse into a future defined by advancements and redefined patient care standards. 

As AI reshapes the industry, ethical considerations take centre stage, especially regarding patient data privacy and the potential for algorithmic bias. The World Health Organization's recommendations reinforce the necessity for robust regulatory frameworks to ensure responsible AI use in healthcare. 

While AI brings significant benefits, the crucial role of human oversight cannot be overstated. AI serves as a valuable tool to assist healthcare professionals rather than replace them, with human judgement remaining essential in interpreting AI-generated data and making final treatment decisions. 

The year 2024 signifies a pivotal moment for AI in healthcare, showcasing its evolution from a conceptual idea to a practical tool enhancing patient care. This journey underscores the relentless pursuit of innovation in the medical field. As AI continues to progress, it holds the potential to unlock new dimensions in personalised patient care, making healthcare more efficient, precise, and tailored to individual needs. Challenges accompany this transformative journey, and the healthcare community must navigate them with a steadfast commitment to ethical practices, ensuring that AI integration enhances rather than compromises patient well-being.


Accurate Eye Diagnosis, Early Parkinson's Detection

A revolutionary advancement in the realm of medical diagnostics has seen the emergence of cutting-edge AI tools. This ground-breaking technology identifies a variety of eye disorders with unmatched accuracy and has the potential to transform Parkinson's disease early detection.

According to a recent report from Medical News Today, the AI tool has shown remarkable precision in diagnosing a wide range of eye conditions, from cataracts to glaucoma. By analyzing high-resolution images of the eye, the tool can swiftly and accurately identify subtle signs that might elude the human eye. This not only expedites the diagnostic process but also enhances the likelihood of successful treatment outcomes.

Dr. Sarah Thompson, a leading ophthalmologist, expressed her enthusiasm about the implications of this breakthrough technology, stating, "The AI tool's ability to detect minute irregularities in eye images is truly remarkable. It opens up new avenues for early intervention and tailored treatment plans for patients."

The significance of this AI tool is further underscored by its potential to assist in the early diagnosis of Parkinson's disease. Utilizing a foundational AI model, as reported by Parkinson's News Today, the tool analyzes eye images to detect subtle indicators of Parkinson's. This development could be a game-changer in the realm of neurology, where early diagnosis is often challenging, yet crucial for better patient outcomes.

Dr. Michael Rodriguez, a neurologist specializing in movement disorders, expressed his optimism, stating, "The integration of AI in Parkinson's diagnosis is a monumental step forward. Detecting the disease in its early stages allows for more effective management strategies and could potentially alter the course of the disease for many patients."

The potential impact of this AI-driven diagnostic tool extends beyond the realm of individual patient care. As reported by Healthcare IT News, its widespread implementation could lead to more efficient healthcare systems, reducing the burden on both clinicians and patients. By streamlining the diagnostic process, healthcare providers can allocate resources more effectively and prioritize early intervention.

An important turning point in the history of medical diagnostics has been reached with the introduction of this revolutionary AI technology. Its unmatched precision in identifying eye disorders and promise to improve Parkinson's disease early detection have significant effects on patient care and healthcare systems around the world. This technology has the potential to revolutionize medical diagnosis and treatment as it develops further.

Rhysida Ransomware Group: Social Security Numbers, Passport Data Compromised in Recent Hospital Attack


On Thursday, the Rhysida ransomware gang confirmed to have been behind the recent cyberattack on Prospect Medical Holdings, as reported by a dark web listing reviewed by Axios.

Apparently, the ransomware gang stole more than 500,000 Social Security numbers and copies of the company’s employees’ driving licenses and passports. Also, other legal and financial documents are said to be compromised.

Prospect Medical Holdings—currently operating 16 hospitals spread across four U.S. states—confirms that the ransomware attack was launched earlier this month, because of which they have been facing issues in their online operations.

Moreover, several elective surgeries, outpatient appointments, blood drives and other services are put to hold owing to the attack. 

According to a Prospect spokesperson, the company was unable to comment on the suspected data leak due to "the sensitivity of the incident and law enforcement involvement."

"Prospect Medical continues to work around-the-clock to recover critical systems and restore their integrity[…]We are making significant progress. Some operational systems have been fully restored and we are in the process of bringing others online," the spokesperson said. 

Rhysida Ransomware Group 

Rhysida confirmed Prospect as one of its victims on its dark web site this Thursday, stating that it had taken 1.3 terabytes of SQL data and 1 terabyte of "unique" files.

Certainly, if the ransom demands are not fulfilled, the ransomware group has threatened the firm to expose their victims’ names to their site. 

Rhysida, in a listing, says that it will auction off "more than 500,000 SNNs, passports of their clients and employees, driver's licenses, patient files (profile, medical history), financial and legal documents!!!"

The auction apparently ends in nine days, with 50 Bitcoins as ransom, per the listing.

Rhysida first came to light in May, however the government officials and cybersecurity professionals claim to have already known about the group, following instances of the group targeting critical infrastructure organizations in recent months.

Also, the Department of Health and Human Services (HHS) published an advisory in regards to the group, since Rhysida’s prime targets involved organizations in the health and public health sector. They further noted that Rhysida’s victims also involved firms in the education and manufacturing sectors.

HHS has advised organizations to patch known security flaws present in their systems and install data back-ups in case they are taken offline. Moreover, they recommended phishing awareness training programs for employees.