UnitedHealth says data of 100M stolen in Change Healthcare hack
UnitedHealth confirmed a ransomware attack on Change Healthcare compromised data of over 100 million individuals, including sensitive information. The breach's financial impact is projected at $2.45 billion.
Read original article
UnitedHealth has confirmed that over 100 million individuals had their personal and healthcare data compromised in a ransomware attack on its subsidiary, Change Healthcare. This incident is now recognized as one of the largest healthcare data breaches in recent history. The breach, which occurred in February, was attributed to the BlackCat ransomware group, which exploited vulnerabilities in Change Healthcare's remote access systems. The stolen data includes sensitive information such as health insurance details, medical records, billing information, and personal identifiers like Social Security numbers. Following the attack, UnitedHealth reportedly paid a ransom of $22 million to retrieve the data, but complications arose when the ransomware group failed to delete the stolen information as promised. The financial impact of the breach has escalated, with losses projected to reach $2.45 billion for the first nine months of 2024. The U.S. Department of Health and Human Services has updated its records to reflect the scale of the breach, confirming that notifications have been sent to approximately 100 million individuals affected.
- Over 100 million individuals' data was stolen in the Change Healthcare breach.
- The breach was caused by a ransomware attack from the BlackCat group.
- Sensitive information compromised includes health insurance and personal identification data.
- UnitedHealth paid a ransom of $22 million but faced further complications with data security.
- Financial losses from the breach are projected to reach $2.45 billion.
Related
Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health
The Ransomhub ransomware gang leaked over 100GB of data from the Florida Department of Health due to missed ransom payment. Sensitive information was exposed, impacting services. Florida DOH confirmed the cyber incident.
Change Healthcare starts sending data breach notifications after cyberattack
Change Healthcare notifies customers of a data breach exposing medical, payment, and personal data. The cyberattack in February disrupted healthcare operations. UnitedHealth faces criticism for delayed breach notifications.
The biggest data breaches in 2024: 1B stolen records and rising
In 2024, data breaches exposed over 1 billion records. AT&T, Change Healthcare, and Synnovis faced breaches, impacting customer data security. Snowflake's involvement in multiple breaches raises concerns about data protection.
Why corporations won't spend enough to safeguard your private info
AT&T and UnitedHealth Group faced data breaches compromising customer and patient data, revealing lax cybersecurity practices. Experts stress the need for stricter safeguards and regulatory intervention to address vulnerabilities.
Change Healthcare hack affects over 100M, largest-ever US healthcare data breach
A ransomware attack on Change Healthcare in February 2024 compromised private health information of over 100 million individuals, marking the largest healthcare data breach in U.S. history.
11 commentsThere is no competition in the marketplace. We need to either nationalize them or break them up. These ransomware groups are small-time compared to a nation-state adversary in wartime. At this point it's a national security issue.
Am I reading that ransom payout correctly? Or are "losses" divided among other things?
TLDR Qubes OS is a security focused operating system that is geared towards end users. It relies on isolation via the Xen hypervisor (has much less privileged code than Linux, Windows, or Mac kernels), and uses hardware based virtualization features of the CPU as well. E.g. it prevents a compromised network card from accessing the memory of a trusted virtual machine through DMA attacks as an example
And ultimately it incorporates this isolation into a seamless user interface as well
I'm guessing the primary feature that would protect against ransomware is that it allows on to open suspicious links in disposable VMs
"Privacy matters to Change Healthcare, so we follow a privacy framework that helps us to manage and protect your personal information in the products and services we provide."
I guess this speaks for itself. /s
Related
Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health
The Ransomhub ransomware gang leaked over 100GB of data from the Florida Department of Health due to missed ransom payment. Sensitive information was exposed, impacting services. Florida DOH confirmed the cyber incident.
Change Healthcare starts sending data breach notifications after cyberattack
Change Healthcare notifies customers of a data breach exposing medical, payment, and personal data. The cyberattack in February disrupted healthcare operations. UnitedHealth faces criticism for delayed breach notifications.
The biggest data breaches in 2024: 1B stolen records and rising
In 2024, data breaches exposed over 1 billion records. AT&T, Change Healthcare, and Synnovis faced breaches, impacting customer data security. Snowflake's involvement in multiple breaches raises concerns about data protection.
Why corporations won't spend enough to safeguard your private info
AT&T and UnitedHealth Group faced data breaches compromising customer and patient data, revealing lax cybersecurity practices. Experts stress the need for stricter safeguards and regulatory intervention to address vulnerabilities.
Change Healthcare hack affects over 100M, largest-ever US healthcare data breach
A ransomware attack on Change Healthcare in February 2024 compromised private health information of over 100 million individuals, marking the largest healthcare data breach in U.S. history.