Change Healthcare Confirms Paying Ransomware Hackers, But Patient Data Leak Might Still End Up on Dark Web

There's no guarantee that ransomware hackers will not publish confidential even though they received payment.

The ransomware attack on Change Healthcare is a clear indication that the healthcare sector is lagging behind other industries when it comes to cybersecurity protection.

When the UnitedHealth's subsidiary was attacked over two months ago, the organization has confirmed paying a hefty ransom in a desperate attempt to safeguard sensitive patient data.

What's darker behind the scheme: an unguaranteed agreement that the confidential information won't be leaked on the dark web. There's no assurance that the cybercriminals won't publish them elsewhere.

A Costly Decision: Change Healthcare's Ransom Payment

Change Healthcare Confirms Paying Ransomware Hackers, But Patient Data Leak Might Still End Up on Dark Web
A new investigation reveals that before the ransomware attack happened, hackers were already inside Change Healthcare's systems for nine days. Hush Naidoo Jade Photography from Unsplash

After weeks of speculation and piecing together evidence from Bitcoin transactions and cybercriminal forums, Change Healthcare admitted to paying 350 bitcoins, approximately $22 million, to the AlphV hacker group. This group, also known as BlackCat, had been extorting the company since February.

This admission comes amidst ongoing fears that such incidents will encourage more cybercriminal attacks on healthcare organizations, which are seen as lucrative targets due to the critical nature of their data.

What's worse here, according to Seeking Alpha is that UnitedHealth hackers had already access to the systems even before the ransomware attack occurred.

Based on the report, the group broke into its system nine days before the widespread security breach shocked the world.

The Ripple Effects of the Ransom Payment

The decision to pay the ransom was influenced by the company's priority to protect patient data from exposure. However, the transaction has sparked a concerning trend, potentially setting a precedent for future cyberattacks against similar entities.

Cybersecurity experts argue that such payments not only fund criminal activities but also demonstrate that ransomware can be a profitable venture, thereby attracting more attackers to this scene.

Data at Risk: The Consequences of the Cyberattack

Despite the ransom payment, there remains a significant threat that the stolen data may still be circulated or sold on the dark web. This was highlighted when another ransomware group, RansomHub, claimed to possess the compromised data, threatening to auction it off to the highest bidder. Such developments create a complex web of trust issues and potential data misuse within the criminal underworld, complicating recovery efforts for the affected company.

Impact on Healthcare Services and Patient Trust

The cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group, caused widespread disruption. It impacted the insurance approval processes for prescriptions and medical procedures, affecting hundreds of medical practices and hospitals across the United States.

According to WIRED, this disruption not only led to significant financial losses but also eroded trust among patients and healthcare providers.

The company reported an estimated loss of $872 million due to the incident, with projections suggesting that this could surpass a billion dollars over time. This was confirmed by UnitedHealth CEO Andrew Witty during the earning's call.

The incident highlights the critical need for enhanced cybersecurity measures within the healthcare sector. It serves as a stark reminder of the potential consequences of inadequate security protocols and the importance of effective data protection strategies.

Healthcare organizations must prioritize investments in cybersecurity to not only safeguard patient information but also ensure the continuity of medical services.

Joseph Henry
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics