Fishing_iStock
UnitedHealth Group (NYSE:UNH) said that a preliminary review of data involved in the February cyberattack on its Change Healthcare unit indicates that personal information was involved and that “a substantial percentage of people in America” could be affected.
The health insurance company said so which, since it will likely take months to identify and notify those affected, will provide some support services in the meantime, including free credit monitoring and identity theft protection. The company also advised people to monitor their financial and insurance statements for suspicious activity, according to a statement.
UnitedHealth also said the hackers made 22 screenshots of exfiltrated files, some of which contained identifiable or protected health information, available on the dark web for about a week. The company expects to provide appropriate communications once the information in question has been confirmed.
The company also released an update on its progress in restoring customer services, noting that 99% of pre-incident pharmacies were now able to process claims. Change Healthcare’s payment processing is also operating at 86% of pre-incident capacity. The unit handles about 6% of the U.S. healthcare system’s payments, he added.
UnitedHealth added that approximately 80% of Change’s functionality has been restored across its major platforms and products, and full restoration is expected in the coming weeks.