UnitedHealth Group has confirmed a massive data breach, stemming from a ransomware attack on its subsidiary, Change Healthcare, in February 2024. This breach has impacted approximately 190 million Americans, nearly doubling the initial estimate, making it one of the largest healthcare data breaches in US history. This incident underscores the significant cybersecurity risks in the healthcare sector and the vulnerability of large healthcare organizations.
UnitedHealthcare’s Optum had an AI chatbot used by employees exposed to the internet. This chatbot, designed for employees to inquire about claims, was accessible publicly. The exposure raises concerns about the security of sensitive data and the potential for unauthorized access. This incident highlights the risks associated with deploying AI tools without adequate security measures. The AI chatbot exposure occurred amid broader scrutiny of UnitedHealthcare for its use of AI in claims denials.