UnitedHealth cyberattack affected 100 million, US government says
The ALPHV (BlackCat) cyberattack on the technology unit of the subsidiary of major US healthcare provider UnitedHealth, Change Healthcare, affected the data of 100 million people.
According to the US Department of Health and Human Services, the large number of people affected means the UnitedHealth data breach was the largest healthcare data breach to ever hit the US.
Before the latest announcement, UnitedHealth said the incident may have caused threat actors to exfiltrate the data of a third of all Americans.
According to previous posts, the exposed data may have included Social Security numbers, health insurance member IDs, treatment details, patient diagnoses, and health provider billing codes.
UnitedHealth began notifying those affected in June and has now said the investigation is reaching its final stages.
The UnitedHealth incident was first detected in February, when the company discovered that threat actors had gained access to the network of its subsidiary, Change Healthcare.
Although originally believed to have been carried out by a state-sponsored threat actor, the incident was claimed by the ALPHV ransomware gang.
When UnitedHealth paid the ransom to the threat group, ALPHV went dark and defrauded its affiliate behind the $22 million payment breach.
Following this, the RansomHub gang claimed responsibility for the incident and initially requested another ransomware payment. He finally put the data up for sale.
In April, UnitedHealth said the incident had caused a loss of $872 million.