close
close
DMIACA

What you need to know, how to freeze your credit

play

This year has been scary for your personal information, with data breaches in 2024 at Cashapp, Zelle, HCA Healthcare, and National Public Data. And now, many are being alerted to another breach that happened earlier this year.

Change Healthcare, a subsidiary of global healthcare giant UnitedHealth, has notified those affected by a cyberattack that occurred in February.

Change Healthcare is one of the world’s largest healthcare payment processors, working on billing and insurance for thousands of health systems, including hospitals, physician practices and pharmacies. It serves as a clearinghouse for 15 billion medical claims each year, or nearly 40% of all claims, according to the House Energy and Commerce Committee.

What happened with Change Healthcare?

In its official statement, CHS said officials became aware of the ransomware deployment in its IT system on February 21 and began taking steps to stop the hack. The following month, they confirmed that a “substantial amount of data was exfiltrated from its environment between February 17, 2024 and February 20, 2024.”

Upon further analysis, they discovered that the data in question could cover a substantial proportion of the U.S. population.

What information was stolen in the Change Healthcare hack?

Although CHC officials said they could not confirm exactly what data was affected for each affected individual, the affected information for affected individuals could include contact information, such as first and last name, address, date of birth, telephone number and email.

This could also include one or more of the following:

  • Health insurance information (such as primary, secondary or other health insurance plans/policies, insurance companies, member/group identification numbers and Medicaid-Medicare-government payer identification numbers);
  • Health information (such as medical record numbers, healthcare providers, diagnoses, medications, test results, images, care and treatments);
  • Billing, claim and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made and balance due); and/or
  • Other personal information such as social security numbers, driver's license numbers, state identification numbers or passport numbers.

Are Change Healthcare Data Breach Letters Real?

Yes, the Change Healthcare data breach letters are real. In July, CHC began providing written notifications to these customers on an ongoing basis.

“While the data review is at an advanced stage and additional customers may be identified as affected, CHC has identified certain customers whose member or patient data was involved in the incident,” the website states.

How to know if your information has been stolen

CHC has provided a link to its replacement notice more generally so that other customers can provide information to their patients/members even if they have not been identified as affected. You can access the link here.

What should I do if my information has been stolen?

The CHS recommends the following steps individuals can take to protect themselves:

  • Anyone who believes their information may have been affected by this incident can sign up for free credit monitoring and identity protection services for two years. CHC will cover the cost of these services for two years.
  • Individuals should be vigilant and regularly monitor the explanation of benefits statements received from their health insurance plan and statements from health care providers, as well as bank and credit card statements, credit reports and tax returns, to check for any unknown activity.
  • If a person finds that health services they did not receive are listed in an explanatory statement of benefits, they should contact their health insurance plan or doctor.
  • If individuals notice suspicious activity on their bank or credit card statements or tax returns, they should immediately contact their financial institution and/or credit card company or the appropriate agency.
  • If a person believes they are the victim of a crime, they can contact local law enforcement authorities and file a police report.

Authorities also have a dedicated call center available to access these services and emotional support services. You can reach this call center at 1-866-262-5342.

How to freeze your credit

When you place a security freeze, creditors cannot access your credit report. According to the U.S. government website, this will prevent them from approving any new credit accounts in your name, whether fraudulent or legitimate.

Freezing your credit report is free. But you must contact the three major credit reporting agencies:

You can submit your request online, by phone, or by mail. According to the General Services Administration, agencies must freeze your credit report within one day when you submit it online or by phone. Freeze requests sent by mail must be completed within three business days. Agencies must lift the freeze within one hour if you request it to be unfrozen online or by phone, and within three business days by mail

Related Articles

Back to top button