38/68 Tuesday, January 28, 2025
UnitedHealth Group revealed that the personal and health data of over 190 million individuals were stolen in a cyberattack targeting Change Healthcare, a subsidiary of the company. This breach marks the largest data leak in U.S. history, with the figure significantly higher than the initial estimate of 100 million affected individuals. While there is no evidence that the stolen data has been misused, the exposed information includes health insurance details, medical records, and personal identifiers such as Social Security numbers and addresses.
The attack occurred in February 2024 and was attributed to the BlackCat ransomware gang (ALPHV). The attackers exploited a system vulnerability caused by the lack of multi-factor authentication (MFA), stealing 6 TB of data and encrypting IT systems. This disruption impacted medical services and billing processes across the U.S. UnitedHealth reportedly paid a ransom of $22 million to prevent the data from being leaked. However, the attackers violated their agreement, collaborating with a new group called RansomHub to demand additional payments.
The breach resulted in financial losses exceeding $2.45 billion for UnitedHealth during the first nine months of 2024. This incident underscores the urgent need for enhanced cybersecurity measures in large organizations, particularly in the healthcare sector, which handles highly sensitive and critical data.
