United Healthcare data breach may have affected 190 million Americans
Some 190 million people thought to have been affected by the attack
- United Healthcare data breach affected around 190 million people
- The number initially hovered at around 100 million
- The majority of the victims have been notified already
The number of people affected by the 2024 Change Healthcare cyberattack is almost double the previous estimates, and now sits at approximately 190 million, the company has admitted.
“Change Healthcare has determined the estimated total number of individuals impacted by the Change Healthcare cyberattack is approximately 190 million,” said Tyler Mason, a spokesperson for UnitedHealth Group.
“The vast majority of those people have already been provided individual or substitute notice. The final number will be confirmed and filed with the Office for Civil Rights at a later date.”
ALPHV and RansomHub
Hackers would usually abuse this data in phishing attacks, business email compromise, wire fraud, and other forms of cyberattack, but so far it hasn’t happened, Mason added.
He said the company was “not aware of any misuse of individuals’ information as a result of this incident and has not seen electronic medical record databases appear in the data during the analysis.”
In this context, it is worth saying that the company paid the ransom demand to the attackers.
When Change Healthcare suffered a ransomware attack in early 2024, it was believed an affiliate of the ALPHV operation was behind the attack. ALPHV, AKA BlackCat, was a notorious operator that worked on an as-a-service model, sharing the spoils with whoever managed to breach a victim and deploy their code.
However, when an affiliate struck Change Healthcare, and managed to extort it for $22 million, things changed. Instead of sharing the spoils, ALPHV’s operators took it all and disappeared from the face of the earth. The affiliate, which was left holding gigabytes of sensitive data, later rebranded to RansomHub, and became one of the greater threats.
They demanded a second payment, but it is unclear if that ever happened. RansomHub did remove Change Healthcare’s entry from its data leak site, suggesting that the victim firm may have paid it.
Via TechCrunch
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.