Until now, the worst health care data breach occurred in 2015, which compromised 78.8 million people. But the ante has been upped.
The cyberattack in question has hit a new record of 100 million people affected — and just happens to have struck the largest health care company in the world (by revenue), UnitedHealth Group.
The actual incident happened in February 2024, when a ransomware attack caused disruptions at pharmacies all across the country, originally reported by Reuters. The target was Change Healthcare, a subsidiary of UnitedHealth Group that manages finances for medical providers. Cybercriminals reportedly found their way into the Change Healthcare employee system due to a lack of multi-factor authentication on login credentials.
A statement from the U.S. Senate Committee on Finance described the nightmarish results of the hack, which involved prescriptions going unfilled, doctors and hospitals not getting paid, and insurance companies unable to reimburse medical providers. “The Change Healthcare hack is considered by many to be the biggest cybersecurity disruption to health care in American history,” Sen. Ron Wyden, D-Oregon, said in the committee statement.
Approximately a third of all U.S. citizens are somehow connected to the organization, and that includes lots and lots of personal data. We all knew it was bad at the time, as the CEO of Change Healthcare said the stolen files included the personal health data for “a substantial proportion of people in America,” as reported by TechCrunch.
The attack was claimed to have been committed by the BlackCat ransomware gang, which was confirmed by Change Healthcare. A post on the dark web by the Russia-based group later claimed to have stolen the health and patient information of millions of Americans.
But now, the U.S. Department of Health and Human Services has updated the figure of those affected in its data breach portal to reveal just how bad it really is: a terrifying 100 million people. One industry journal even suggested that the round figure of 100 million could change in the future, as reported by DailyMail. Hopefully that means the actual number could be smaller, but it could just as easily go in the opposite direction.
The sheer scale makes the 5.3 million data breach that affected Mexican health care systems reported on just yesterday look negligible by comparison.
Related Posts
Acer reveals Veriton compact PC to tackle the Mac mini with AMD Ryzen and plenty of AI mojo
Acer is making a direct play in that space with the Veriton RA110 AI Mini Workstation, a compact desktop that runs on AMD's Ryzen AI Max+ 395 processor, aimed at the same desk-bound professional who wants power without the tower.
Acer’s Swift Air 14 is a peppy MacBook Neo rival with some cool upgrades and a $699 ask
At a time when even mainstream laptops are creeping toward four-figure price tags, Acer’s latest machine feels refreshingly straightforward. It’s aimed at students, remote workers, and anyone who wants a laptop that looks and feels expensive without draining their bank account. The Swift Air 14 is powered by Intel’s new Core Series 3 processors and delivers up to 19 hours of battery life. That’s the sort of endurance that could realistically get many users through a full workday and beyond without scrambling for a charger.
Google Drive can now batch-scan your documents and spare you a few other frustrations, too
Well, Google Drive's new document scanner redesign fixes all three problems at once. Announced by Sameer Samat, the President of Android Ecosystem at Google, the feature is now rolling out for Android users.