The US Department of Health and Human Services Office for Civil Rights (OCR) is currently launching an investigation to determine whether confidential health information has been compromised.
Following the recent Change Healthcare data breach on February 21, 7,000 pharmacies and hospitals were unable to process prescriptions. As a result of a ransomware attack, Change Healthcare’s claims and payments infrastructure were disrupted. In February, the threat actor group Alphv/BlackCat claimed responsibility for the attack. The group announced they stole at least four terabytes of data from Change Healthcare relating to transaction processing. As of last week, UnitedHealth Group (UHG), the parent company, announced that pharmacy prescription filling and electronic payment capabilities will be restored by the end of the week. Even though Change Healthcare paid the actors $22 million in ransom, the BlackCat actors pulled an exit scam. As a result, OCR announced on Wednesday it was launching an investigation into the operation. The investigation is set to focus on “whether a breach of protected health information occurred”. This investigation is set to examine Change Healthcare and UHG’s HIPAA compliance standards.
Read more:
https://www.securityweek.com/government-launches-probe-into-change-healthcare-data-breach/
