CyberSecurity news
FlagThis
Dissent@DataBreaches.Net
//
UnitedHealth Group has confirmed that a ransomware attack on its subsidiary, Change Healthcare, in February 2024 has impacted approximately 190 million Americans, nearly doubling the initial estimate of 100 million. This makes it the largest healthcare data breach in US history, far surpassing the 2015 Anthem Inc. breach which exposed 78.8 million records. The incident underscores the severe cybersecurity vulnerabilities within the healthcare sector, highlighting the immense risks associated with large healthcare organizations. Change Healthcare, a major player in healthcare technology, processes around 40% of all medical claims annually and handles a vast amount of sensitive patient and medical information.
The breach, attributed to the ALPHV, also known as Black Cat ransomware group, stemmed from compromised credentials on Citrix remote-access software due to a lack of multi-factor authentication. Sensitive data including names, addresses, dates of birth, Social Security numbers, driver’s license numbers, and medical records such as health insurance details, patient diagnoses, test results, and treatment information was stolen. The company reportedly paid $22 million in ransom to prevent further data leaks. While UnitedHealth states they have not found evidence of misuse, the scale of the breach and the sensitive nature of the compromised data remains concerning, especially with the attack resulting in 6TB of exfiltrated data.
References :
The breach, attributed to the ALPHV, also known as Black Cat ransomware group, stemmed from compromised credentials on Citrix remote-access software due to a lack of multi-factor authentication. Sensitive data including names, addresses, dates of birth, Social Security numbers, driver’s license numbers, and medical records such as health insurance details, patient diagnoses, test results, and treatment information was stolen. The company reportedly paid $22 million in ransom to prevent further data leaks. While UnitedHealth states they have not found evidence of misuse, the scale of the breach and the sensitive nature of the compromised data remains concerning, especially with the attack resulting in 6TB of exfiltrated data.
Share:
References :
- ciso2ciso.com: UnitedHealth Group’s Massive Data Breach Impacts 190 Million Americans – Source:hackread.com
- techcrunch.com: UnitedHealth says the ransomware attack on its Change Healthcare unit in February 2024 affected ~190M people, nearly double its previous estimate of 100M (Zack Whittaker/TechCrunch)
- Techmeme: UnitedHealth says the ransomware attack on its Change Healthcare unit in February 2024 affected ~190M people, nearly double its previous estimate of 100M (Zack Whittaker/TechCrunch)
- ciso2ciso.com: UnitedHealth Group’s Massive Data Breach Impacts 190 Million Americans
- jbz: â ¢ has confirmed the attack on its Change Healthcare unit last February affected around 190 million people in America — nearly double previous estimates ï £
- hackread.com: UnitedHealth Group has confirmed that a ransomware attack targeted its subsidiary, Change Healthcare, in February 2024, impacting 190 million Americans
- www.techmeme.com: TechCrunch article reporting on UnitedHealth’s confirmation that the ransomware attack affected 190 million people.
- securityonline.info: UnitedHealth Group has confirmed a ransomware attack on its subsidiary, Change Healthcare, in February 2024, impacting approximately 190 million Americans.
- Pyrzout :vm:: Change Healthcare data breach exposed the private data of over half the U.S. – Source: securityaffairs.com
- TechSpot: UnitedHealth updates data breach impact to 190 million people, nearly doubling previous estimate
- securityaffairs.com: Change Healthcare data breach exposed the private data of over half the U.S.
- DataBreaches.Net: UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
- Zack Whittaker: UnitedHealth has confirmed the ransomware attack and data breach on its Change Healthcare subsidiary in February 2024 now affects around 190 million people — almost double the previous estimate.
- ciso2ciso.com: Change Healthcare data breach exposed the private data of over half the U.S.
- www.bleepingcomputer.com: UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure.
- bsky.app: UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure.
- ciso2ciso.com: Change Healthcare Breach Impact Doubles to 190M People
- BleepingComputer: UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure.
- ciso2ciso.com: New evidence suggests that more than half of the US population was touched by the ransomware attack(s) against UnitedHealth subsidiary Change Healthcare.
Classification:
- HashTags: #DataBreach #Ransomware #Healthcare
- Company: UnitedHealth
- Target: 190 Million Americans
- Product: Change Healthcare
- Feature: Data Breach
- Type: DataBreach
- Severity: Disaster