Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

iOS 19: All the rumor changes that Apple could bring to the new operating system

June 7, 2025

The Trump administration is aiming for Biden and Obama's cybersecurity rules

June 7, 2025

WWDC 2025: What to expect from this year's meeting

June 7, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    iOS 19: All the rumor changes that Apple could bring to the new operating system

    June 7, 2025

    WWDC 2025: What to expect from this year's meeting

    June 7, 2025

    Trump Mask feud was perfect for X and jumped on the app store chart

    June 6, 2025

    iOS 19: All the rumor changes that Apple could bring to the new operating system

    June 6, 2025

    WWDC 2025: What to expect from this year's meeting

    June 6, 2025
  • Crypto

    xNotify Polymarket as partner in the official forecast market

    June 6, 2025

    Circle IPOs are giving hope to more startups waiting to be published to more startups

    June 5, 2025

    GameStop bought $500 million in Bitcoin

    May 28, 2025

    Vote for the session you want to watch in 2025

    May 26, 2025

    Save $900 + 90% from 2 tickets to destroy 2025 in the last 24 hours

    May 25, 2025
  • Security

    The Trump administration is aiming for Biden and Obama's cybersecurity rules

    June 7, 2025

    After data is wiped out, Kiranapro co-founders cannot rule out external hacks

    June 7, 2025

    Humanity appoints national security experts to governing trusts

    June 6, 2025

    Italian lawmakers say Italy used spyware to target immigrant activists' mobile phones, but not for journalists

    June 6, 2025

    Humanity unveils custom AI models for US national security customers

    June 5, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    Why investing in a growing AI startup is risky and more complicated

    June 6, 2025

    Startup Battlefield 200: Only 3 days left

    June 6, 2025

    Book all TC Stage Exhibitor Tables before ending today

    June 6, 2025

    Less than 48 hours left until display at TC at all stages

    June 5, 2025

    TC Session: AI will be on sale today at Berkeley

    June 5, 2025
TechBrunchTechBrunch

UnitedHealth Announces Change Healthcare Data Breach Affects More than 100 Million Americans

TechBrunchBy TechBrunchOctober 24, 20246 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


In February, a ransomware attack against Change Healthcare resulted in more than 100 million individuals having their personal medical information stolen. This cyberattack caused months of unprecedented outages and widespread disruption across the U.S. healthcare industry.

UnitedHealth Group, the US health insurer that owns health tech companies, has disclosed data on a large number of individuals, after previously saying it expected the data breach to include data on a “significant proportion of people”. This is the first time I have exposed myself to a breach. In America. ”

The U.S. Department of Health and Human Services first reported the latest numbers on its data breach portal Thursday.

UHG spokesman Tyler Mason did not respond to a request for comment.

The ransomware attack and data breach at Change Healthcare is the largest known digital theft of U.S. medical records and one of the largest data breaches in living history. The impact on the millions of Americans whose personal medical information has been irretrievably stolen is likely to last a lifetime.

UHG began notifying affected individuals in late July, which continued through October.

While the personal data stolen varies from person to person, Change previously reported that personal information such as name and address, date of birth, phone number, and email address, as well as government information including Social Security number, driver's license, and passport number, were stolen. I made sure to include my ID. Stolen health data includes diagnoses, medications, test results, imaging, care and treatment plans, health insurance information, as well as financial and banking information contained in claims and payment data harvested by criminals. .

Change Healthcare processes patient insurance and claims across the U.S. healthcare sector, including thousands of hospitals, pharmacies and medical practices, and is one of the largest providers of health, medical data and patient records. As a result, Change handles vast amounts of health and medical information on about one-third of all Americans, CEO Andrew Whitty told lawmakers in May.

The cyberattack became public on February 21, when Change Healthcare took much of its network offline to thwart the intruders, and the U.S. healthcare industry relied on Change to process patient insurance and claims. There was an immediate outage across the board.

UHG attributed the cyberattack to ALPHV/BlackCat, a Russian-speaking ransomware and extortion gang that was later held responsible for the cyberattack.

The ransomware gang's leaders fled with a $22 million ransom paid by the health insurance giant, then disappeared and blackmailed the group's contractors who carried out the Change Healthcare hack as a new source of income. . The contractors took the data stolen from Change Healthcare, formed a new group, extorted a second ransom from UHG, and in the process published some of the stolen files online to prove the threat. .

There is no evidence that the cybercriminals subsequently deleted the data. Other extortion gangs, including Rockbit, have been found to keep stolen data even after victims have paid and criminals have claimed to have deleted the data.

Upon paying the ransom, Change obtained a copy of the stolen datasets. This allows the company to identify and notify affected individuals whose information is found within the data.

The US government's efforts to capture the hackers behind ALPHV/BlackCat, one of today's most prolific ransomware groups, have so far failed. The gang bounced back in 2023 after conducting a takedown operation to seize the gang's dark web leak site.

Months after the Change Healthcare breach, the U.S. State Department increased the reward for information on the ALPHV/BlackCat cybercriminals' whereabouts to $10 million.

Corporate integration and security vulnerabilities are blamed for data breaches

As Change Healthcare continues to recover from the February cyberattack, parts of its network remain offline. Lawmakers are also investigating this breach and its impact on the millions of Americans whose health data was irreversibly stolen.

At a House hearing on the April cyberattack, UnitedHealth CEO Whitty said cybercriminals used stolen credentials that were not protected by multi-factor authentication (MFA). Admitted to breaking into one of the employee systems. Exploitation of password theft.

By gaining access to critical internal systems using only stolen passwords, the ransomware gang was able to reach other parts of Change Healthcare's network and deploy ransomware.

UnitedHealth CEO Andrew Whitty testifies before the Senate Finance Committee on May 1, 2024 on Capitol Hill in Washington, DC.UnitedHealth CEO Andrew Whitty testifies before the Senate Finance Committee on Capitol Hill on May 1, 2024 in Washington, DC. Image credit: Kent Nishimura/Getty Images

It is unclear why the systems were not protected by MFA, but this will continue to be a key part of the ongoing investigation by lawmakers and the government. Whitty told lawmakers that the organization became active after the cyber attack and is now enforcing MFA.

Lawmakers focused on how UHG processes large amounts of data and generates vast amounts of revenue, saying it fails in basic cybersecurity.

According to its 2023 full-year earnings report, UHG made a profit of $22 billion on revenue of $371 billion. UHG CEO Whitty received $23.5 million in executive compensation that year.

While the lack of MFA was exploited in this case, the sheer volume and richness of the highly sensitive data that Change Healthcare collects and stores makes it a target in its own right, the lawmakers said.

Change Healthcare merged with U.S. healthcare provider Optum in 2022 as part of a $7.8 billion deal by UnitedHealth Group. The agreement between UHG's two leading healthcare companies gives Optum, which owns physician groups and provides technology and data to insurance companies and healthcare services, broad access to Change's patient records. Ta.

In total, UnitedHealth Group provides benefit plans to more than 53 million customers in the U.S. and an additional 5 million customers outside the U.S., according to its latest full-year earnings report. . Optum serves approximately 103 million customers in the United States.

The partnership faced scrutiny from U.S. federal antitrust authorities, who filed a lawsuit to block UHG's acquisition of Change Healthcare and its merger with Optum, with UnitedHealth claiming “about half of each citizen's health insurance claims.” They argued that gaining access to this would give them an unfair competitive advantage. year. “A judge ultimately approved the deal.

The Justice Department reportedly began ramping up its investigation into UHG and its potential anti-competitive practices in the months before the Change Healthcare hack.

read more:



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

The Trump administration is aiming for Biden and Obama's cybersecurity rules

June 7, 2025

After data is wiped out, Kiranapro co-founders cannot rule out external hacks

June 7, 2025

Humanity appoints national security experts to governing trusts

June 6, 2025

Italian lawmakers say Italy used spyware to target immigrant activists' mobile phones, but not for journalists

June 6, 2025

Humanity unveils custom AI models for US national security customers

June 5, 2025

Unlock phone company Cellebrite to acquire mobile testing startup Corellium for $170 million

June 5, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

iOS 19: All the rumor changes that Apple could bring to the new operating system

June 7, 2025

The Trump administration is aiming for Biden and Obama's cybersecurity rules

June 7, 2025

WWDC 2025: What to expect from this year's meeting

June 7, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.