UnitedHealth says 190M Americans were impacted by data breach
What's the story
Leading US health insurance provider UnitedHealth Group has confirmed that some 190 million Americans were impacted by the ransomware attack on its subsidiary, Change Healthcare. This is nearly double the initial estimate.
The confirmation was made by the company to TechCrunch.
A spokesperson for UnitedHealth said that the company has not found any evidence of misuse of individuals' information due to this incident.
Breach impact
Cyberattack leads to significant data theft
The cyberattack on Change Healthcare, which took place in February 2024, has now been identified as the largest medical data breach in US history. It caused months of disruptions across the US healthcare system.
The breach saw the theft of massive volumes of health and insurance-related information, some of which was also published online by the hackers who claimed responsibility for the attack.
Ransom payments
Change Healthcare paid ransoms to prevent further data leaks
In the wake of the breach, Change Healthcare paid at least two ransoms to stop the stolen files from being published further.
In its preliminary analysis filed with the Office for Civil Rights, UnitedHealth had initially estimated that some 100 million people were affected by this incident.
The Office for Civil Rights is the unit under the US Department of Health and Human Services that investigates data breaches.
Data details
Stolen data includes personal, health, and financial information
The cybercriminals were able to steal names, addresses, birth dates, phone numbers, email addresses, and government identity documents such as Social Security numbers.
They also got hold of driver's license numbers and passport information.
The stolen health data included diagnoses, medications, and test results, as well as imaging and care treatment plans.
Financial and banking information present in patient claims was also part of the stolen data.
Perpetrators identified
ALPHV ransomware gang behind the breach
The breach was linked to the ALPHV ransomware gang, a notorious Russian cybercrime group.
UnitedHealth Group's CEO Andrew Witty told lawmakers last year that the hackers accessed Change's systems with a stolen account credential.
This credential was not protected with multi-factor authentication, which allowed the cybercriminals to gain unauthorized access and steal data.