Insurance company UnitedHealth Group is confirming a ransomware attack earlier this year affected the private data of over 100 million people. The number was published in the US Department of Health and Human Services Office of Civil Rights (OCR) Breach Report on Thursday, making it the largest healthcare data breach on the list.
- Home
- Technology
- News
UnitedHealth data breach leaked info on over 100 million people
UnitedHealth’s Change Healthcare told the US Health Department it has sent over 100 million notices to people regarding the February ransomware breach.


Hacker group Blackcat, also known as ALPHV, claimed responsibility for the February attack on Change Healthcare that caused widespread disruptions for healthcare providers processing bills, claims, payroll, and prescriptions for weeks.
According to the HHS FAQs page, Change Healthcare told OCR on October 22nd that it’s sent people about 100 million individual notices regarding this breach.
Stolen information may include:
As reported by Bleeping Computer, UnitedHealth CEO Andrew Witty’s written testimony (PDF) to a House committee said the threat actors got in by using stolen credentials for a Citrix remote access service that lacked multifactor authentication.
On February 12, criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops. The portal did not have multi-factor authentication. Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. Ransomware was deployed nine days later.
UnitedHealth paid the group a $22 million ransom. However, another operation threatened to continue leaking the data and may have secured a second ransom payment.

Are moderate Democrats washed?
- 21 hours ago

Framework has good news and bad news
- a day ago
'Protecting the privacy of your phone number': WhatsApp will soon offer usernames
- a day ago
Mexico see off Ecuador to break 40-year World Cup curse
- 10 hours ago

Gold prices drop in Pakistan, global markets
- 10 hours ago
Heavy rain-lightning-flash floods kill two children, injure dozens in KP
- 9 hours ago

Should you keep practicing a religion even if you don’t believe?
- 21 hours ago
Sargodha Police rule out two murder suspects in Muntaha Zahra case
- 5 hours ago

Why gay guys are falling for AI thirst traps
- 21 hours ago
America's royal couple, Taylor and Travis, may wed this week
- a day ago

The US is better off than it was in 1976. So why does it feel worse?
- 21 hours ago
Iran says will respond to any US violation of memorandum of understanding
- a day ago







