Maryland residents are advised by the attorney general’s office to assume that their personal healthcare information was compromised in a recent extensive data breach. This caution follows a ransomware attack on Change Healthcare, the largest electronic data clearinghouse in the United States, and a subsidiary of UnitedHealth, which disrupted operations for numerous medical facilities in February, including doctor’s offices, hospitals, and pharmacies.
The breach led to the exposure of health and personal data on the dark web, an anonymous part of the internet often used for illicit activities. While the exact number of affected patients remains unclear, Change Healthcare has publicly acknowledged that as many as one-third of all Americans could be impacted.
Change Healthcare has taken steps to notify the public about the breach through its website and plans to send notification letters to some affected individuals by July 20. The compromised data includes sensitive information such as patient contact details, health insurance specifics, medical records, test results, billing and claims data, and personal identifiers like Social Security numbers, driver’s licenses, and passport numbers.
An ongoing investigation into the cyberattack is underway, with Change Healthcare committed to providing further updates on the breach’s scope as the investigation progresses. In response to the breach, the company is offering two years of complimentary credit monitoring and identity protection services. They advise affected individuals to monitor their financial statements, bank transactions, and tax returns for any signs of unauthorized activity.
Maryland Attorney General Anthony Brown urges residents to take precautions to safeguard their financial information and identity. He recommends that Marylanders assume their data was affected by the breach and consider enrolling in the free credit monitoring and identity theft protection services offered by Change Healthcare, accessible via their website or by phone.