
UnitedHealth Ransomware Attack Exposed 100 Million People


Data on more than 100 million people was exposed because of the ransomware attack on UnitedHealth subsidiary Change Healthcare earlier this year, according to a document from the U.S. Department of Health and Human Services’ Office for Civil Rights.

The office is investigating the February incident. The new data confirms earlier estimates from UnitedHealth CEO Andrew Witty, who said in April that data on “perhaps a third” of people in America or a “substantial portion of people” in the country had become public during the attack. The health insurer has been notifying those whose data was affected since July and has continued to do so through October.

“We continue to notify potentially affected individuals as quickly as possible on a rolling basis given the volume and complexity of the data involved and the investigation is still in its final stages,” UnitedHealth Group representative Tyler Mason told TechCrunch in a statement.

Personal information such as names and physical addresses, dates of birth, Social Security numbers, driver’s license numbers and passport numbers was stolen in the breach, together with contact details such as telephone numbers and email addresses. Medical data was also stolen, along with some financial and banking information contained in various documents.

Stolen data can be used by cybercriminals to commit identity theft or to target victims with personalized scams, phishing attacks, or scam calls. It can also be resold to other entities, who can then use that data to spam or scam those on the list.

The attack also forced the insurance company to take its computer systems offline for about a month, discontinuing pharmacy services, billing and other medical services that require computer access.

UnitedHealth paid two ransoms to prevent the stolen data from being published, including one $22 million ransom, but the effort partly failed because some of the data was shared online. It is also difficult to verify whether ransomware attackers actually delete the stolen data after securing the ransom. But thanks to the data the healthcare provider collected, it was able to determine who was affected by the breach and add up those huge numbers.

Hackers in the AlphV/BlackCat ransomware group exploited a flaw in Citrix remote access software to access Change Healthcare’s systems and hold 4TB of data for ransom. The aftermath of the attack is expected to cost UnitedHealth somewhere between $2.3 billion and $2.5 billion.