United Health confirms largest ever US healthcare data breach, says 100 million users had info stolen

1 week ago

Image credit: Pixabay (Image credit: Future)

The number of group affected by nan Change Healthcare ransomware onslaught earlier successful 2024 is now thought to person affected astir 100 cardinal people, caller reports person confirmed.

The attack connected Change Healthcare took spot successful February 2024, and is now thought to beryllium nan astir disruptive ransomware attacks ever to onslaught nan US healthcare manufacture aft nan US Department of Health and Human Services Office for Civil Rights updated nan number connected its information breach portal to 100 million.

"On October 22, 2024, Change Healthcare notified OCR that astir 100 cardinal individual notices person been sent regarding this breach," nan Office for Civil Rights stated connected its FAQ page.

Snowflake and MFA

The onslaught saw an connection of nan dreaded ALPHV ransomware statement (AKA BlackCat) breach Change Healthcare to bargain 6TB of delicate customer data.

The accusation stolen included wellness security accusation (health plans and policies, security companies, different ID numbers, Medicaid-Medicare-government payor ID numbers), wellness accusation (medical grounds numbers, diagnoses, tests and results, attraction and curen data, medicines), billing, claims, and costs accusation (claim numbers, relationship numbers, costs cards, financial and banking information, and more), and different personally identifiable accusation (Social Security Numbers, driver’s licence numbers, and more).

Change Healthcare ended up paying $22 cardinal successful ransom successful speech for nan data. The money ne'er made it to nan affiliates responsible for nan attack, and was alternatively grabbed by nan ransomware’s operators (who were only to person a information of nan payment), which later unopen down its infrastructure and disappeared, leaving nan connection holding nan data.

That connection later started their ain ransomware cognition and are coming known arsenic RansomHub - and since RansomHub ne'er posted nan stolen data, galore estimate that a 2nd ransom whitethorn person been paid.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

The cyberattack sent ripples passim nan healthcare system, preventing doctors and pharmacies from filing claims, and preventing pharmacies from accepting discount cards.

Via BleepingComputer

More from TechRadar Pro

Yet different hacker group demands ransom from Change Healthcare
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology