UnitedHealth has revealed that 190 million Individuals had their private and healthcare information stolen within the Change Healthcare ransomware assault, almost doubling the beforehand disclosed determine.
In October, UnitedHealth reported to the US Division of Well being and Human Providers Workplace for Civil Rights that the assault affected 100 million folks. Nevertheless, as first reported by TechCrunch, UnitedHealth confirmed on Friday that the determine has almost doubled to 190 million.
“Change Healthcare has determined the estimated total number of individuals impacted by the Change Healthcare cyberattack is approximately 190 million,” UnitedHealth Group advised TechCrunch.
“The vast majority of those people have already been provided individual or substitute notice. The final number will be confirmed and filed with the Office for Civil Rights at a later date.”
Whereas UnitedHealth says that there aren’t any indications that the menace actors have misused the stolen information, the sheer amount of delicate info stolen within the assault is huge.
This stolen information contains sufferers’ medical health insurance info, medical data, billing and cost info, and delicate private info, similar to telephone numbers, addresses, and, in some circumstances, Social Safety Numbers and authorities ID numbers.
The ransomware assault on UnitedHealth’s subsidiary, Change Healthcare, is the most important healthcare information breach in US historical past.
The Change Healthcare ransomware assault
In February 2024, UnitedHealth subsidiary Change Healthcare suffered a large ransomware assault, resulting in widespread disruption to america healthcare system.
This disruption prevented docs and pharmacies from submitting claims and pharmacies from accepting low cost prescription playing cards, inflicting sufferers to pay full worth for medicines.
It was later realized that the BlackCat ransomware gang, aka ALPHV, was behind the assault. The menace actors used stolen credentials to breach the corporate’s Citrix distant entry service, which didn’t have multi-factor authentication enabled.
After breaching the community, the menace actors stole 6 TB of knowledge and encrypted computer systems, inflicting the corporate to close down IT programs and its on-line platforms for billing, claims, and prescription achievement.
The UnitedHealth Group later confirmed it paid a ransom to obtain a decryptor and to forestall the menace actors from publicly releasing the stolen information. This ransom cost was allegedly $22 million, in accordance with the BlackCat ransomware affiliate who carried out the assault.
This ransom cost was speculated to be cut up between the affiliate and the ransomware operators, however the BlackCat out of the blue shut down in an exit rip-off, stealing all the cost for themselves.
That is the place it bought worse for UnitedHealth, because the menace actor behind the assault acknowledged that they didn’t delete the stolen information as promised.
The attacker then partnered with a brand new ransomware operation named RansomHub and commenced leaking among the stolen information, demanding a further cost for the info to not be launched.
Just a few days later, the Change Healthcare entry on RansomHub’s information leak website mysteriously disappeared, indicating that United Well being possible paid a second ransom demand.
UnitedHealth mentioned in April that the Change Healthcare ransomware assault brought about $872 million in losses, which elevated as a part of the Q3 2024 earnings to an anticipated $2.45 billion for the 9 months to September 30, 2024,
