June 16, 2024

The Minnesota Hospital Association and Minnesota Attorney General Keith Ellison are alerting the public about scammers capitalizing on the recent Change Healthcare cyberattack. Their objective is to defraud victims of their credit card information.

Ellison discloses that state hospitals have reported incidents of patients being tricked by con artists. The scammers, impersonating health service providers, dupe victims by promising refunds in return for their credit card details. More about this can be found in the [official notice](https://www.ag.state.mn.us/Office/Communications/2024/03/08_HealthcareImposters.asp) from the Minnesota AG’s office.

The Minnesota Hospital Association also warns about scammers posing as healthcare employees and seeking credit card information. These scams could be related to purported payments, rebates or refunds connected to drugs or other health services.

The association wants to make it clear that patients will never be called asking for sensitive financial details, including bank or credit card information. A safer approach is to directly contact the providers for any billing or financial queries.

The cyberattack that started it all was attributed to the Blackcat ransomware group. UnitedHealth Group had to cough up $22 million to regain access to encrypted data, says [Reuters](https://www.reuters.com/technology/cybersecurity/hacker-forum-post-claims-unitedhealth-paid-22-mln-ransom-bid-recover-data-2024-03-05/).

Although there’s no confirmed connection between the scam and the information leak from the attack, Lou Ann Olson from the MHA maintains the data could potentially include private details of many patients.

Hospitals and finances have been majorly hit as the cyberattack caused considerable disruption in payments, impacting directly on patient care and resulting in significant financial implications. More information on this can be found on the [American Hospital Association website](https://www.aha.org/2024-03-15-aha-survey-change-healthcare-cyberattack-significantly-disrupts-patient-care-hospitals-finances).

According to Attorney General Ellison, Change Healthcare, a subsidiary of UnitedHealth Group, operates the largest healthcare payment system in the US.

Customers are advised to stay alert and report any suspicious calls to Attorney General Keith Ellison’s office.

**Frequently Asked Questions**

What was the nature of the Change Healthcare cyberattack?

The cyberattack on Change Healthcare was reportedly the work of the Blackcat ransomware group. The group encrypted the data and systems of Change Healthcare and demanded a ransom of $22 million to restore access.

How to protect yourself from such scams?

Patients are advised not to share any financial information such as credit card or bank account details over the phone. If you receive a suspicious call asking for such information, hang up and directly contact your healthcare provider. Always remember that hospitals will never call patients to request any sensitive financial information.

What is the impact of the cyberattack on healthcare providers?

The cyberattack has significantly affected healthcare providers. According to the American Hospital Association, 74% of hospitals have reported a direct impact on patient care due to delays in processing health plan requirements. In addition, 94% of hospitals have reported financial implications, with more than half stating a severe effect.