Another massive data breach has occurred in the U.S., this time impacting the nation’s largest health insurance provider and their millions of customers. UnitedHealth Group, which serves 52 million people worldwide (90% of whom reside in the U.S.) was the victim of a cyberattack by hacker group Black Cat putting millions of patients’ private data at risk.
According to UnitedHealth Chief Executive Andrew Witty, the company paid the requested ransom to mitigate the risk to their customers as well as to get payments to doctors and healthcare facilities—halted by the hack—back on track. About half of all claims processed in the U.S. filter through the company’s Change Healthcare unit so this hack has a major impact on how bills are paid and patients reimbursed.
More critical, however, is the likelihood that customers’ personal data has been stolen and released to the dark web. Unlike the breach of a phone company or even bank, this type of hack can have devastating consequences as the data released may include personal, financial, medical, and even genetic information.
As UnitedHealth estimates that up to 1/3 of all Americans may be affected by this breach, your data may be at risk. Just as with a financial breach, it’s important to keep an eye on your credit report (to ensure you aren’t being billed fraudulently), but consider the following mitigation efforts as well:
Contact the insurer directly. HIPAA requires that any medical agency that has been attacked contact patients’ whose records have been compromised, but this can often take time. Reach out yourself if you’re concerned.
Review Explanation of Benefits letters. We often just toss these notices, but go over them with a fine-toothed comb and call your insurer if unexplained charges or services appear.
Verify personal data at every doctor visit. If the personal information (address, coverage, date of birth, etc.) is incorrect, let your doctor know you may be a victim of medical identity theft, and call your insurer immediately. If your billing is auto-debited from a card or bank, sever that tie immediately.
Double–check diagnoses, prescriptions, and potential surgeries. Medical data theft could result in changes being made to your medical records and history. It’s crucial that your prescriptions and treatments remain consistent, so check in with your doctor regularly and make sure they are aware that your records may have been compromised.
As always, the best thing you can do in this connected world is to stay vigilant. Check your credit, review statements, and contact your financial and healthcare institutions if you think you may have been hacked. Stay safe and healthy!
