Breach, Critical Infrastructure Security, Data Security

More than 100M impacted by record-breaking Change Healthcare hack

Share
Supply Chain Attacks on Hospitals

UnitedHealth Group has disclosed that over 100 million individuals had their sensitive data compromised as a result of the February attack by the now-defunct ALPHV/BlackCat ransomware operation against its subsidiary Change Healthcare, making the incident the largest U.S. healthcare data breach yet, reports TechCrunch.

Investigation into the incident revealed that infiltration of Change Healthcare's employee systems through stolen credentials without multi-factor authentication enabled the eventual compromise of the firm's network with ransomware, resulting in network disruptions that persist to this day. On the other hand, a copy of the stolen data obtained from ALPHV/BlackCat after the payment of a $22 million ransom confirmed the exfiltration of individuals' names, birthdates, addresses, Social Security numbers, diagnoses, imaging and care treatment plans, and financial and banking information, among others. "We continue to notify potentially impacted individuals as quickly as possible, on a rolling basis, given the volume and complexity of the data involved and the investigation is still in its final stages," said UnitedHealth spokesperson Tyler Mason.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.