Safe Not Scammed

The Change Healthcare Ransomware Disaster

Published about 2 months ago • 1 min read

Issue #13

The Change Healthcare Ransomware Disaster

Ahoy there, fellow Netizens! This week let’s talk about the train wreck that is the Change Healthcare situation.

If you haven’t heard, Change Healthcare suffered a ransomware attack back in February that caused disruption at hospitals and pharmacies around the country. As is common with ransomware attacks, the bad actors also stole data from the health tech giant.

UnitedHealth Group, the company that owns Change Healthcare, confirmed the stolen data includes protected health information and personally identifiable information from “a substantial proportion of people in America.”

Change Healthcare paid a staggering $22 million dollar ransom to AlphV, the gang behind the cyberattack, to prevent the misuse of this stolen data. However, after receiving the payment, AlphV fractured. The member who was responsible for attacking Change Healthcare claimed they had not been given their share of the ransom. They also claimed to have all the stolen data in their possession.

RansomHub, a newer ransomware gang, is now claiming to be associated with the former AlphV member who got ripped off by their ex gang mates. RansomHub is also demanding Change Healthcare pay an undisclosed sum as a second ransom to prevent it from selling the data. To show its threats are serious, the gang has already leaked some patient data that appears to be legitimate.

Maddeningly, this whole disaster appears to have started because Change Healthcare failed to set up two-factor authentication (2FA) on its remote access software. So, when AlphV compromised a Change Healthcare user’s username and password, there was nothing to stop the gang from gaining access to the health giant’s network.

So, take this as a reminder to set up 2FA to protect your accounts if you haven’t already! And be on the lookout for data breach notifications from Change Healthcare in the coming months to see if your data was exposed in the attack.

Until next time, stay safe out there!

113 Cherry St #92768, Seattle, WA 98104-2205
Unsubscribe · Preferences

Safe Not Scammed

Rebecca Morris

Subscribe to my weekly newsletter to keep up with the latest hacks, scams and privacy violations, plus what you can do to protect yourself!

Read more from Safe Not Scammed

Issue #16 Is Recall Worth the Risk? Image made using Canva Ahoy there, fellow Netizens! This week, let’s talk about Microsoft’s latest controversial feature: Recall. Recall is currently available on Microsoft’s AI powered Copilot+ PCs. It allows you to retrace what you were doing on your computer up to three months ago. It does this by taking screenshots every five seconds and storing them locally on your machine, allowing you to explore them later in a timeline format or via search. While...

12 days ago • 1 min read

Issue #15 Be Wary of Google's AI Overview Image made using Canva Ahoy there, fellow Netizens! Today, let’s talk about Google’s AI Overview, which you’ll soon see integrated into Google Search. As its name suggests, AI Overview (previously known as SGE or Search Generative Experience) provides an AI generated summary of the search results for certain queries. And, to make sure you can’t miss it, Google places it right at the top of the search results page. When experimenting with AI Overview,...

26 days ago • 1 min read

Issue #14 Vastaamo Hacker Sentenced Image made using Canva Ahoy there, fellow Netizens! Before getting to this week’s story, I have a quick announcement. Going forward, I’ll be sending this newsletter out once every two weeks instead of once every week. I hope you’ll continue to enjoy the newsletters, even though they’ll be a little less frequent! Now, let’s talk about Julius Kivimäki, a 26-year-old Finnish hacker who was sentenced to prison earlier this week for his attack on Finnish...

about 1 month ago • 1 min read
Share this post