It's been a scary year for protecting your personal information. A breach at AT&T announced this summer impacted nearly all customers — not to be confused with another AT&T data breach disclosed this spring. There was a breach at Roku and a settlement for Cash App customers after data breaches. And last month, a cyberattack at National Public Data was confirmed.
It's hard to keep track of where your data is at risk, making me feel a bit like a cartoon character figuring out which hole to plug next. Amidst all of that, there was also a data breach at Change Healthcare, which is owned by UnitedHealth. This impacted a massive amount of people; an exact number hasn't been indicated, but Change Healthcare says "the impacted data could cover a substantial proportion of people in America," and the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) noted the cyberattack's "unprecedented magnitude."
While the Change Healthcare data breach took place in February, people started getting notifications about it in late summer and into the fall. Whether you got a letter or not, there are some action items you should take to protect your identity and finances. Here's what you need to know about the Change Healthcare breach.
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
What was the Change Healthcare data breach?
While you may never have heard of Change Healthcare before, there's a high chance you've encountered it. Change Healthcare is a health payment processing company that works on billing and insurance for many health systems including hospitals, medical offices and pharmacies.
In February, hackers breached Change Healthcare. TechCrunch reported at the time it was linked to a Russian-based ransomware group, where hackers demand a ransom. On Feb. 21, Change Healthcare said, the health company began taking steps to stop the hack.
"A substantial quantity of data" was taken from Change Healthcare, the company said.
You may remember that around this time, from February and into the spring, there were major disruptions in healthcare. That included problems with insurance approvals, including payments systems and Medicare reimbursements. Those disruptions were because the company was shutting down certain accesses to try to stop the attack.
The cyberattack and its disruptions led to plenty of questions and investigations about how this happened, including questions from congressmembers and an investigation from the HHS.
During a hearing before the Senate Committee on Finance, UnitedHealth Group CEO Andrew Witty said the company paid a $22 million ransom to the hackers in response to the attack.
What data was part of the Change Healthcare breach?
Data collected in this cyberattack was widespread. It included, per Change Healthcare:
- Names and dates of birth
- Addresses, phone numbers and email addresses
- Health insurance member and group ID numbers, and Medicare payor ID numbers
- Health information, including medical record numbers, diagnoses, test results, medicines and treatment
- Billing and claim information, including billing codes and claim numbers, as well as balance due
- Payment information, including financial and banking information and payment cards
- Social Security numbers
- Driver's licenses, state ID numbers and passport numbers
The company said "the information that may have been involved was not the same for every impacted individual," and it "cannot confirm exactly what data has been affected for each impacted individual."
Change Healthcare also said it has "not yet seen full medical histories or doctors’ charts appear in the data review," and that some information may have been related to guarantors who paid for healthcare services, not patients themselves.
How to know if you were part of the Change Healthcare data breach
As mentioned, Change Healthcare has started to send out letters to people whose data was impacted by this cyberattack. The company said it began sending written letters, via mail, on July 29 and is continuing to send out notices as it identifies people.
However, the company also notes that it may not have proper mailing addresses for all impacted individuals, so even if you didn't receive a letter, there's a chance you were part of the data breach.
What to do to protect your data
Because of the widespread impact of this data breach, Change Healthcare is offering free credit monitoring and identity theft protections for two years to "anyone who believes they may have been impacted." To access this, you can scroll down to the words "What can you do now?" on this page and click "Enroll now." You can also call 1-888-846-4705 to enroll yourself.
Change Healthcare also has a dedicated call center available both to access those services and to access emotional support services. You can reach that call center at 1-866-262-5342.
There are several things to do right away if you're a victim of a data breach, many of which Change Healthcare also recommends. That includes monitoring your credit reports and financial accounts, looking for anything that looks unusual. You can also freeze your credit accounts to protect your credit. Change Healthcare additionally recommends monitoring your healthcare explanation of benefits statements for anything that looks off.
Kiplinger also recommends you change your password on key accounts, including changing your Social Security login. You can use password managers like 1Password to store your passwords and create extra-secure ones.
For an additional measure of safety, set up multifactor authentication for key accounts, which means, for example, to log into a bank account, you need to enter a password and a code texted to your phone number. In fact, Witty of UnitedHealth told the Senate the hackers were able to get into a server because it didn't have multifactor authentication, so you can understand how useful a safety measure that is.
Related content
-
3 Ways to Stretch the 2026 Social Security COLA For Your BudgetThree steps retirees can take to stretch the Social Security COLA to fit their budgets.
-
How to Keep Your Charitable Giving Momentum Going All YearInstead of treating charity like a year-end rush for tax breaks, consider using smart tools like DAFs and recurring grants for maximum impact all the year.
-
Uber Takes Aim at the Bottom Lines of Billboard LawyersUber has filed lawsuits and proposed a ballot initiative, in California, to curb settlements it claims are falsely inflated by some personal injury lawyers.
-
Uber Takes Aim at the Bottom Lines of Billboard Personal Injury Lawyers
Uber has filed lawsuits and proposed a ballot initiative, in California, to curb settlements it claims are falsely inflated by some personal injury lawyers.
-
11 Cities With the Cheapest Groceries in the USIf you live in one of these 11 cities, you're paying less than the rest of the country to keep your fridge stocked.
-
Giving Tuesday 2025: 'Every Small Act Makes a Major Difference'GivingTuesday encourages generosity in any form, from donating to charity to helping your neighbors.
-
How to Position Your Portfolio for Lower Interest RatesThe Federal Reserve is far from done with its rate-cutting regime. This is how investors can prepare.
-
Moves to Manage the Soaring Costs of Owning a CarIt's costing more and more to keep a car on the road, but you can drive some costs down. Here's how to get a better deal on insurance premiums, repairs and gas
-
My First $1 Million: Oil Industry Engineering Manager, 67, Chapel Hill, N.C.Ever wonder how someone who's made a million dollars or more did it? Kiplinger's My First $1 Million series uncovers the answers.
-
I'm a Financial Literacy Expert: Bubble-Wrapping Our Kids Robbed Them of Resilience. Now What?By raising them to think they're amazing no matter what and lifting them over obstacles, we left them unprepared to work in the real world.
-
I'm a Financial Planner: If You're a High Earner, You Need an 18-Month Safety NetNo job seems to be safe in this age of AI. If you make a larger-than-usual salary, then you need to have a larger-than-usual emergency fund. Here's why.
