Breach Breakdown: Change Healthcare Data Breach

1 Million Patients Affected

What Organization Was Breached?

Change Healthcare is a prominent healthcare technology company that provides software solutions, services, and analytics to healthcare providers, payers, and other stakeholders. Their focus is on improving the efficiency, quality, and accessibility of healthcare through digital tools that streamline clinical and administrative processes.

When Did the Breach Occur?

• February 21, 2024: CHC became aware that its computer systems had been infected with ransomware. Upon discovery, CHC immediately took steps to stop the attack, disconnecting affected systems to prevent further damage. The organization launched an investigation and notified law enforcement, while its security team worked tirelessly alongside top cybersecurity experts to assess the situation.
• February 17–20, 2024: The investigation revealed that a significant amount of data had been exfiltrated from CHC’s environment during this period.
• March 7, 2024: CHC confirmed the exfiltration of data, marking the beginning of a comprehensive investigation with leading cybersecurity experts.
• April 22, 2024: After thorough analysis, CHC publicly disclosed that a substantial proportion of individuals in America could have been affected by the breach.
• June 20, 2024: CHC began notifying affected customers on a rolling basis and provided a substitute notice link to inform patients and members who may not have been initially identified as impacted.

What Was Stolen?

The cyberattack exposed a wide range of sensitive information, including:

• Contact Information:
  • First and last names
  • Addresses
  • Phone numbers
  • Email addresses
    
    
• Date of Birth
  
  
• Health Insurance Information:
  • Primary, secondary, or other health plans/policies
  • Insurance companies
  • Member/group ID numbers
    Medicaid-Medicare-government payor ID numbers
    
    
• Health Information:
  • Medical record numbers
  • Providers
  • Diagnoses
  • Medications
  • Test results
  • Medical images
  • Care and treatment information
    
    
• Billing and Claims Information:
  • Claim numbers
  • Account numbers
  • Billing codes
  • Payments made
  • Balance due

While Social Security numbers were not impacted for the majority of affected individuals, there were rare instances where these were exposed. Furthermore, sensitive financial data such as banking information, payment card details, driver’s license or state ID numbers, and other types of identification numbers were not part of the breach.

It’s also worth noting that some of the exposed information may have been related to guarantors — individuals who are responsible for paying healthcare bills but are not the actual patients receiving the care.

How Can This Breach Be Used Against You?

• Identity Theft and Financial Fraud:
  The exposure of sensitive personal data, including health insurance and billing details, makes victims vulnerable to identity theft. Cybercriminals could use this stolen information to open fraudulent accounts, apply for loans, or commit financial fraud under stolen identities.
• Medical Fraud and Misuse:
  With access to health records and insurance data, cybercriminals could commit medical fraud by filing false insurance claims or altering billing information. This could result in significant financial losses and the potential for incorrect medical treatments or prescriptions being issued under stolen identities.
• Phishing Scams and Social Engineering:
  Cybercriminals can use the exposed data to create highly targeted phishing attacks. These scams may appear to come from CHC, healthcare providers, or insurance companies, requesting further personal information like bank account details or passwords. Personalized phishing attempts are far more convincing and, therefore, more likely to deceive victims into disclosing sensitive information.
• Account Takeover:
  The breached medical and insurance data could allow hackers to access patient portals or health insurance accounts. Once inside, cybercriminals could manipulate appointments, alter coverage details, or fraudulently claim benefits, putting patients at greater risk of medical and financial exploitation.

How OptMsg Will Keep You Safe

Following the CHC breach, it’s crucial to take steps to protect your sensitive information from phishing, identity theft, and other potential threats. OptMsg is here to help you secure your data and communications through advanced security measures:

• Opt-In Email Filtering:
  OptMsg’s state-of-the-art email filtering system blocks malicious emails and phishing attempts before they reach your inbox. This helps prevent scammers from exploiting your personal information.
• Encrypted Messaging:
  OptMsg’s encrypted messaging service ensures your sensitive conversations between OptMsg users remain private, protected from unauthorized access.
• Privacy by Design:
  OptMsg is committed to your privacy. We do not sell or use your data for marketing purposes, ensuring that your personal information stays secure and is not exploited.

Relevant Links:

• CHC: Official Data Breach Notice
• Forbes: CHC Data Breach Details
• OptMsg Security Solutions

Stay Informed. Stay Secure.

In light of the growing frequency of data breaches, the CHC incident serves as a stark reminder of the vulnerabilities in healthcare systems. With 1 million patients affected, it’s more important than ever to protect your personal information. OptMsg is here to help you defend against phishing, identity theft, and other cyber threats. If you have concerns about the security of your data or need help securing your communications, contact us today. Stay informed, stay secure.