UnitedHealth Pays Ransom After Cyberattack on Change Healthcare, Confirms Patient Data Breach

UnitedHealth Group announced on Monday that it has taken the extraordinary step of paying a ransom to cybercriminals in an attempt to safeguard patient data, following a cyberattack on its subsidiary, Change Healthcare, in February.

Confirming the breach, the company acknowledged that personal information files were compromised.

In a statement, UnitedHealth characterized the attack as the work of malicious threat actors and reiterated its cooperation with law enforcement and leading cybersecurity firms in the ongoing investigation.

UnitedHealth Care
New rumors that ransomware victim UnitedHealth Group (UHG) and its Optum division have forked over a $22 million ransom payment over the weekend to the ALPHV/BlackCat hackers are being circulated on the dark web. (Credit: Sergio

The decision to pay the ransom was described as part of the company’s unwavering commitment to shielding patient data from exposure.

While the exact amount of the ransom remains undisclosed, UnitedHealth, boasting more than 152 million customers, revealed that files containing protected health information and personally identifiable information had been accessed by the cybercriminals.

Described as potentially impacting a significant portion of the American population, the breach extends beyond UnitedHealth customers, as Change Healthcare processes a substantial volume of patient records annually.

Change Healthcare, specializing in payment and revenue cycle management tools, processes over 15 billion transactions yearly, with one in every three patient records flowing through its systems.

Consequently, individuals outside UnitedHealth’s clientele may also find themselves affected by the breach.

CEO of UnitedHealth care
CEO Andrew Witty is scheduled to testify before a House panel on May 1 about the Change Healthcare cyberattack (Credit: Ruben Sprich/ Reuters)

According to UnitedHealth, 22 screenshots allegedly depicting compromised files have surfaced on the dark web. While no other data has been made public, the company has not found evidence indicating access to doctors’ charts or complete medical histories.

Acknowledging the disruption and concern caused by the attack, UnitedHealth CEO Andrew Witty expressed the company’s commitment to assisting affected consumers and providers.

In response, the company has launched a dedicated website offering resources for concerned patients and established a call center to provide free identity theft protections and credit monitoring for two years.

However, due to the ongoing and intricate nature of the data review, the call center is unable to furnish specific details regarding individual data impacts, as stated by UnitedHealth.

Keval Dave
Keval Dave
Keval Dave, a university student majoring in Mass Communication, possesses a profound interest in politics and strategic affairs. His analytical prowess and dedication to understanding global dynamics drive his pursuit of knowledge.
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x