UnitedHealth CEO confirms 1/3 of patients data breached: How to protect yourself

SYRACUSE, N.Y. (WSYR-TV) — Frustrating news for United Health Care patients on Capitol Hill.

CEO Andrew Witty announced 1/3 of patient data was breached in a cyberattack in February.

A $22 million ransom paid in full.

“This is one of the hardest decisions I’ve ever had to make,” said Witty said.

But it doesn’t mean all is well.

“If they get my web banking credentials, they are now in my bank account and they can do whatever I can do in web banking,” said Michael Fudge, a professor at the Syracuse University School of Informational Sciences. “If that means move money out, that means move money. If it’s my place of employment, they would have access to the same data. Some of that data is valuable on the dark web because you can sell someone’s information for a certain amount of money.”

So what do you do now to protect yourself? First things first, check your credit report.

“I’m a United Healthcare patient, so one thing I will do is monitor my credit reports to see if any of that information is used to steal my identity,” said Fudge.

Next, consider changing your passwords.

“One thing that attackers love to do is credential stuffing,” Fudge said. “So, for example, you use the same password on six different sites and those six get compromised, now they have a way into the other five sites because you’re using the same password.”

Fudge also recommends looking into an identity protection service that will stop hackers in their tracks from stealing your information.

“Idnotify or Lifelock, those are great services that you can use. They’ll monitor activity especially if you’re data was leaked onto the dark web,” he said. “They can be instrumental in protecting your credit from third parties opening accounts in your name.”

Witty said during his testimony that it will take several months before affected customers are notified because the data files in the cyberattack were compromised.

Powered by News Channel 9.