What you need to know about the UnitedHealth Group data breach

A person with glasses sitting at a desk with a laptop

Nearly one-third of Americans could be affected by a ransomware cyberattack on Change Healthcare, a health tech subsidiary of health insurance company UnitedHealth Group. The hackers accessed information containing protected health information (PHI) or personally identifiable information (PII), threatening to release more if a ransom is not paid.

With a significant portion of personal health information potentially at risk, the potential for identity theft impacting masses of people is a concern. Health information is particularly sensitive and valuable, making it a goldmine for cybercriminals. This data can be misused for fraudulent activities and identity theft, which can lead to financial loss and a significant breach of privacy.

Discovering that your personal information has been exposed can be alarming. Things like your Social Security Number are a critical piece of your identity that helps you access credit, file tax returns, and more. If it falls into the wrong hands, the consequences can be severe, including identity theft and financial fraud. Here is a clear, step-by-step guide on what to do if you find yourself in this precarious situation.

1. Confirm the breach and your exposure

Before taking any action, confirm your information was exposed in the breach. Often, companies that suffer a data breach will provide details to the affected individuals, either through email or physical mail. Make sure you receive this communication directly from the company and not through a potentially phishing email. It is important to note that UnitedHealth Group is still analyzing data and has not yet sent out notifications to its customers as of this article’s publication.

2. Place a fraud alert

Immediately place a fraud alert on your credit reports. This is a free service provided by the three major credit bureaus—Equifax, Experian, and TransUnion. A fraud alert makes it harder for identity thieves to open accounts in your name, as it requires creditors to take extra steps to verify your identity before extending credit.

3. Consider a credit freeze

A more secure option than a fraud alert is to place a credit freeze on your files. A credit freeze prevents creditors from accessing your credit report entirely, which makes it unlikely that an identity thief can open new accounts in your name. Credit freezes are free to place and can be lifted temporarily or permanently at your request.

4. Obtain your credit reports

You are entitled to a free credit report from each of the three major credit bureaus once per year. Review your credit reports for any unauthorized activity or discrepancies. With LifeLock Advantage, you can get a monthly 1-bureau credit score & report instead of annually. If you spot anything suspicious, report it immediately to the bureau and the creditor involved.

5. Monitor your accounts closely

Keep a close eye on your bank accounts, credit card statements, and any other financial accounts for signs of unauthorized transactions. If you see anything unusual, contact your financial institution immediately.

6. Consider an identity theft protection service

If you are concerned about your ability to monitor your identity or need assistance, consider subscribing to an identity theft protection service. These services can monitor your credit and personal info, alerting you to potential fraud. LifeLock offers restoration services and plans include identity theft insurance, with the highest tier plan covering up to $1 million in personal expense reimbursement to help you deal with the aftermath of identity theft.

7. Change your passwords

If your passwords were compromised, change them immediately. It is crucial to create strong, unique passwords for each of your accounts. LifeLock offers a password management solution to keep track of them. If available, enable two-factor authentication (2FA) for added security.

8. Stay informed and vigilant

Stay updated on the latest in cybersecurity and identity protection. Be vigilant about phishing attempts and scams that often follow a data breach. These scams can trick you into providing personal information under the guise of security updates or additional verification.

Dealing with the aftermath of a data breach can be overwhelming, but taking these steps can help reduce your risk of further damage. By securing your credit, monitoring your accounts, and utilizing available resources, you can protect your identity. Remember, vigilance and quick action are key in the fight against identity theft.

Editor’s note: Our articles provide educational information. LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about.

This article contains

    Target Data Breach Victims Could Get Up to $10,000
    Target's massive data breach hit during the 2013 holiday shopping season. The retailer is proposing to offer victims up to $10,000 each in damages.
    Read More
    Microsoft accidentally exposed 250 million customer records — What you should know
    A Microsoft security breach exposed 250 million customer records on a database without password protection. Learn more.
    Read More
    What to do if your personal information has been compromised (9-step guide)
    It’s a hassle to recover from a data breach. But with the right tools, it’s possible — follow along to learn how.
    Read More
    How to Check If You're Affected by the Equifax Data Breach
    It’s easy to find out if you were affected by the Equifax data breach by using a look-up tool. Find out how from LifeLock.
    Read More

    Start your protection,
    enroll in minutes.

    Get discounts, info, protection tips, and more.

    Sign up for promotional emails.