- The Washington Times - Tuesday, April 30, 2024

Congress is set to hold a hearing with UnitedHealth Group CEO Andrew Witty to answer for a massive cyberattack on its Change Healthcare subsidiary that exposed a yet-to-be-determined amount of personal and medical information on patient subscribers and oh, yes, to talk about the ransom it paid the hackers.

Expect the hearings to go like this:

Mr. Witty, how did this happen?

Mr. Congressman, we are fully committed to protecting the privacies of our customers and subscribers and are actively investigating this egregious criminal act now. 

Thank you, Mr. Witty.

As if we’re all supposed to be shocked — shocked! — that cyberattacks occur at all.

Haven’t we yet moved past the point of surprise when it comes to technology and its potential for privacy infringements? It’s kind of par for the course. The more technology, the more risk of security breach; the more records move online, the more likely these records will one day be hacked. History, on this, repeats — and then some.

All from the Center for Strategic & International Studies: In March, Iranian hackers leaked data from an Israeli nuclear facility; Russian hackers attacked Germany’s Christian Democratic Union political party; unknown hackers broke into India’s government and energy sectors; Chinese hackers attacked various European Union members to release their locations to the public; Canada pulled its FINTRAC financial intel system offline after unidentified hackers breached the system; Russian hackers tapped into and leaked a conversation German military officials were having about their support for Ukraine; Switzerland reported a previous hack of its National Cyber Security Centre included 65,000 documents from the police, judiciary and migration offices that were filled with sensitive personal information and classified data; and Microsoft accused Russia — yes, Russia, once again — of stealing a source code to access internal company information and spy on top executives. That was March.

That was one month. 

History repeats. And repeats.

From UpGuard: Between 2013 and 2018, more than 3 million Yahoo! accounts were exposed due to a cyberattack. Names, email addresses, phone numbers, birthdates, passwords and more — all these were stolen. In 2021, over 30,000 businesses in the United States were impacted when a massive cybersecurity attack compromised Microsoft Exchange servers. In December of 2023, the private records of more than 1.5 billion Real Estate Wealth Network clients were hacked and exposed. In May of 2019, about 885 million files with the First American Financial Corp. were hacked. In April 2021, about 530 million Facebook user accounts were breached. That same month, about 700 million records of LinkedIn users were also hacked.

JPMorgan Chase was hacked.

Home Depot was hacked.

Marriott International was hacked.

Adobe, eBay, Equifax, Target, Capital One — all hacked. 

Add to that the government and government-tied agencies that have been hacked over the years — the Department of Energy, Georgia’s state university system, Johns Hopkins University in Baltimore, the U.S. Treasury Department, the U.S. Department of Commerce — and it’s more than clear: Technology brings privacy risks.

UHG is just the next in line.

“Based on initial targeted data sampling to data, the company has found files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America,” UHG said in a statement about the attack on its Change Healthcare subsidiary. 

“A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure,” a UHG spokesperson also said, The Hill reported.

And now Congress wants to ask UnitedHealth to ’splain itself — as if any ’splaining is really necessary. The explanation is actually quite simple. Technology is never private. The more records move online, the more compromises to personal and private data will occur. And those who say otherwise are outright lying.

• Cheryl Chumley can be reached at cchumley@washingtontimes.com or on Twitter, @ckchumley. Listen to her podcast “Bold and Blunt” by clicking HERE. And never miss her column; subscribe to her newsletter and podcast by clicking HERE. Her latest book, “Lockdown: The Socialist Plan To Take Away Your Freedom,” is available by clicking HERE  or clicking HERE or CLICKING HERE.

Copyright © 2024 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.