Checklist 373: Change We Can’t Believe In

UnitedHealth Confirms Massive Data Breach, Millions of Americans’ Health Data Stolen

In a recent podcast discussion, UnitedHealth Group disclosed a significant breach affecting a substantial portion of Americans’ health data. TechCrunch reports that the breach occurred at Change Healthcare, a major player in processing insurance and billing for various healthcare institutions across the U.S.

Change Healthcare, a company many might not have been familiar with until now, processes data for hundreds of thousands of hospitals, pharmacies, and medical practices. This means it holds extensive health information on about half of all Americans, making it a prime target for hackers.

The breach, described as a ransomware attack, resulted in the theft of files containing protected health information (PHI) or personally identifiable information (PII) of potentially millions of Americans. UnitedHealth Group, the parent company of Change Healthcare, confirmed the attack and the theft of sensitive data, though it claims not to have seen evidence of complete medical histories or doctors’ charts being taken.

What’s particularly troubling is the handling of the situation by the hackers. After reportedly receiving a $22 million ransom payment from UnitedHealth in March, the original hacking group disappeared. However, a new group known as RansomHub emerged, threatening to sell the stolen data unless further ransom demands were met. To prove their capabilities, RansomHub leaked personal information of patients, along with internal files related to Change Healthcare.

The situation leaves millions of Americans vulnerable to identity theft and other privacy breaches, raising concerns about the security of personal health data in an increasingly digital world.

Source: TechCrunch

UnitedHealth Group Addresses Massive Data Breach, Offers Support to Affected Individuals

In a recent podcast discussion, UnitedHealth Group’s response to the massive data breach at its subsidiary, Change Healthcare, has been highlighted. According to reports from The Wall Street Journal and TechCrunch, hackers associated with a Russian group gained access to Change Healthcare’s network using stolen credentials for remote access. The hackers had access for over a week before deploying ransomware, allowing them to steal significant amounts of data.

While some might praise UnitedHealth Group for its efforts to address the breach, others criticize the company for allowing such a security lapse. Despite the breach potentially affecting as many as half of all Americans, UnitedHealth Group states that the ransomware attack has cost the company over $870 million in losses, which is less than 1% of its revenue.

UnitedHealth Group has announced support for individuals concerned about their personal data being impacted by the breach. The company’s statement acknowledges that protected health information (PHI) and/or personally identifiable information have been compromised, although there’s no evidence of complete medical histories being taken.

In an attempt to assist affected individuals, UnitedHealth Group has set up a dedicated website, ChangeCyberSupport.com, where people can find more information and resources. Additionally, a call center has been established to offer free credit monitoring and identity theft protections for two years. However, due to the ongoing nature of the investigation, specifics on individual data impact won’t be available immediately.

UnitedHealth Group advises individuals to monitor their explanation of benefits statements, bank and credit card statements, credit reports, and tax returns for any suspicious activity. They encourage contacting health plans or doctors if unfamiliar health care services are listed and financial institutions or credit card companies if suspicious transactions are observed. Victims of potential crimes are advised to contact local law enforcement authorities and file a police report.

Source: UnitedHealth Group Newsroom

Sophisticated Scam Preys on Online Shoppers in South Korea and Japan

A podcast discussion has shed light on a remarkably audacious scam that targeted online shoppers in South Korea and Japan. According to The Register, the scam, which was prevalent across the two countries, involved stealing credit card information through phishing scams.

Here’s where it gets interesting: the scammers didn’t just stop at stealing credit card details. The Financial Security Institute of South Korea’s Gyuyeon Kim revealed at Black Hat Asia that they stumbled upon a site that victims of phishing would be directed to. This site offered the option to purchase goods, effectively providing the scammers a means of stealing credit card details under the guise of legitimate transactions.

The crux of the scam lies in its simplicity and boldness. Imagine finding a discounted iPhone online and paying $800 for a device that would normally cost $1,100. Sounds like a great deal, right? But what if you were told to pick up this “second-hand” iPhone at an actual Apple Store?

Here’s where the magic (or rather, the scam) happens: the seller, who is part of the credit card theft scheme, accepts your $800 payment, then uses a stolen credit card to purchase the iPhone at full price from Apple’s website. You go to the Apple Store to collect your purchase, not realizing that the seller has effectively scammed you.

The Black Hat Asia speaker behind the revelation believes the scam originates from China due to certain technical reasons. She suggests that the scam wouldn’t work in South Korea due to the country’s stringent online transaction authentication procedures, which require more than just credit card details.

While the scam is undeniably clever, it’s important to remember that it’s illegal and harmful. There are no victimless crimes, and attempting to carry out such scams is not only morally wrong but also punishable by law.

Source: The Register