Home  »  Military & Veteran Benefits   »   VA Admits “No Confirmation” On Whether VA Medical Data Was Stolen In Change Healthcare Breach

VA Admits “No Confirmation” On Whether VA Medical Data Was Stolen In Change Healthcare Breach

On April 9, 2024, we reported a cyberattack on Change Healthcare, which is responsible for fulfilling military healthcare prescriptions worldwide. Basic pharmacy services at military clinics and bases were affected from Scott Air Force Base in Illinois to Kadena Air Base, Japan.

In April we reported that Change Healthcare officials had “a high-level of confidence” that the larger ecosystem that includes UnitedHealthcare and UnitedHealth Group “have not been affected by this issue.”

However, that claim didn’t seem to match the reality of the situation.

A Substantial Proportion of Americans Are Affected By The Change Healthcare Breach 

Military.com’s May 2, 2024 follow-up report on this security break says it all. “UnitedHealth Group, which owns Change Healthcare, acknowledged that ‘a substantial proportion of people in America’ may have had protected health information or personally identifiable information exposed in the hack.”

Officials say it may take months of study to determine who amongst the military and civilian communities has been affected by the hack.

In the meantime, Change Healthcare has taken steps to help those who were affected by the breach of its systems. 

Change Healthcare Offers Help

The company offers two years of free credit monitoring and identity theft protection for those potentially affected by the data break. 

That may not feel like much of a comfort for those who have had their personal and medical data stolen, but it’s a basic necessity in the wake of identity theft in terms of personal credit damage control.

Call Change Healthcare at 1-866-262-5342 or visit the Change Healthcare official site to get more information or to register for the free credit monitoring offer.

Related: Cyberattack Disrupts Military Pharmacies Worldwide

The Department of Veterans Affairs Goes On The Record

The Department of Veterans Affairs went on the record during a press conference stating the VA didn’t have “confirmation” on the extent VA patient information may or may not have been part of the data breach. 

The VA claims to be proactive in notifying the approximately 15 million VA patients and family members to warn them about potential fallout from the data breach. 

The official site’s newsroom contains an article titled What To Know About The Change Healthcare Cyber Breach which discusses the incident, what users can do to protect themselves from becoming victims, and there is information on VA options such as the VA fraud protection toolkit.

There’s also a link to a dedicated section of the VA official site called Protecting Veterans From Fraud, but at a glance much of that seems to be advice on preventing identity theft, not recovering from it. 

Patients who need help protecting themselves after the fact would do better to see the link to the Federal Trade Commission identity theft page linked to from VA.gov. That resource has advice on recovering from incidents like these, not just information on how to avoid getting scammed.

How To Protect Yourself After The Change Healthcare Data Breach

While the VA does post the Change Healthcare credit report monitoring links, consumers may need to take many more steps to protect themselves. A single signup at a single website offering to help is typically not enough.

You may need to develop a comprehensive plan to deal with identity theft, and there is an official government resource to help you do this.

Visit IdentityTheft.gov to get help creating an identity theft action plan that includes calling creditors, contacting your insurance providers and filing an identity fraud complaint with the Federal Trade Commission.

You may also need to review your free credit monitoring reports aggressively to learn when bogus accounts have been opened in your name. You must close these accounts as they pop up and this is a process some struggle with even when using credit monitoring services.

As you can see, recovering from the Change Healthcare incident is more complicated than simply signing up for credit report alerts and reading up on how to avoid becoming a victim. 

Related: Cyberattack Disrupts Military Pharmacies Worldwide

About the author

Editor-in-Chief | + posts

Editor-in-Chief Joe Wallace is a 13-year veteran of the United States Air Force and a former reporter/editor for Air Force Television News and the Pentagon Channel. His freelance work includes contract work for Motorola, VALoans.com, and Credit Karma. He is co-founder of Dim Art House in Springfield, Illinois, and spends his non-writing time as an abstract painter, independent publisher, and occasional filmmaker.