Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Change Healthcare Data Breach Impact Grows to 190 Million Individuals

The impact of the Change Healthcare ransomware-caused data breach has increased from 100 million to 190 million individuals.

UnitedHealth Change Healthcare data breach impact

UnitedHealth Group has revealed that the number of individuals impacted by the Change Healthcare data breach resulting from a February 2024 ransomware attack is approximately 190 million. 

The healthcare technology giant previously reported that the incident impacted roughly 100 million people, making it the biggest healthcare data breach of 2024 by far. Now, the company estimates that 190 million individuals have actually been impacted by the cyberattack.

“The vast majority of those people have already been provided individual or substitute notice,” UnitedHealth told SecurityWeek in an emailed statement. 

“Change Healthcare is not aware of any misuse of individuals’ information as a result of this incident and has not seen electronic medical record databases appear in the data during the analysis. Support resources and information are available at changecybersupport.com,” the company added.

The security breach occurred in February, when, according to UnitedHealth, cybercriminals used compromised credentials to enter a remote access portal that was not protected by multi-factor authentication.

The attackers, affiliates of the Alphv/BlackCat ransomware group, had access to the healthcare organization’s systems for nine days — in this time frame they moved laterally and exfiltrated sensitive patient data — before deploying file-encrypting malware.

UnitedHealth paid a $22 million ransom to prevent a data leak, but the BlackCat group pulled an exit scam to avoid sharing the ransom with the affiliate that conducted the attack.  

This led to another major ransomware group, RansomHub, attempting to extort the healthcare giant in April and publishing some of the stolen files. 

Advertisement. Scroll to continue reading.

According to the most recent estimates made by Change Healthcare, the cyberattack had been expected to cause losses totaling nearly $2.9 billion. That amount may increase in light of the new revelations. 

Prior to Change Healthcare’s new impact estimation, the US Department of Health and Human Services’ Office for Civil Rights received information about more than 700 healthcare data breaches impacting roughly 186 million user records. However, with this new estimate, the total number of impacted records exceeds 275 million. 

Change Healthcare told SecurityWeek that “the final number will be confirmed and filed with the Office for Civil Rights at a later date”.

Related: US Offering $10 Million Reward for Information on Change Healthcare Hackers

Related: Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach

Related: Medical Billing Firm Medusind Says Data Breach Impacts 360,000 People

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

The US arm of networking giant TP-Link has appointed Adam Robertson as Director of Information and Security.

Cyber exposure management firm Armis has promoted Alex Mosher to President.

Software giant Atlassian has named David Cross as its new CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.