In February, a massive ransomware attack on Change Healthcare, a major processor of U.S. health insurance and medical records, led to the theft of private health information of over 100 million individuals.

This cyberattack caused widespread disruptions and is now regarded as the largest digital theft of medical records in U.S. history.

UnitedHealth Group (UHG), the owner of Change Healthcare, confirmed the breach, which impacted a significant portion of Americans. The U.S. Department of Health and Human Services updated the breach data on its portal, revealing the full extent of the damage. UHG has been notifying affected individuals since July, a process that continued through October.

Buy Me A Coffee

The stolen data includes sensitive personal and medical information, such as names, Social Security numbers, medical diagnoses, and health insurance details. Change Healthcare, handling a third of U.S. medical records, became a prime target for cybercriminals. The ransomware gang responsible, ALPHV/BlackCat, reportedly extorted a $22 million ransom from UHG. Despite paying the ransom, it remains unclear if the stolen data was deleted, as other extortion gangs are known to keep such information.

The U.S. government has ramped up efforts to catch the hackers, even offering a $10 million reward for information on ALPHV/BlackCat’s whereabouts. However, the gang remains active despite earlier attempts to shut down their dark web site.

Lawmakers are now scrutinizing UHG’s security practices, particularly the lack of multi-factor authentication (MFA), which allowed the hackers to gain access using stolen credentials. The breach has sparked concerns over the consolidation of healthcare data under UHG, which merged Change Healthcare with its subsidiary Optum in 2022.

READ
Hackers Breach ESET’s Israeli Partner to Launch Phishing Attack with Data Wipers