- United Healthcare data breach affected around 190 million people
- The number initially hovered at around 100 million
- The majority of the victims have been notified already
The number of people affected by the 2024 Change Healthcare cyberattack is almost double the previous estimates, and now sits at approximately 190 million, the company has admitted.
“Change Healthcare has determined the estimated total number of individuals impacted by the Change Healthcare cyberattack is approximately 190 million,” said Tyler Mason, a spokesperson for UnitedHealth Group.
“The vast majority of those people have already been provided individual or substitute notice. The final number will be confirmed and filed with the Office for Civil Rights at a later date.”
ALPHV and RansomHub
Hackers would usually abuse this data in phishing attacks, business email compromise, wire fraud, and other forms of cyberattack, but so far it hasn’t happened, Mason added.
He said the company was, “not aware of any misuse of individuals’ information as a result of this incident and has not seen electronic medical record databases appear in the data during the analysis.”
In this context, it is worth saying that the company paid the ransom demand to the attackers.
When Change Healthcare suffered a ransomware attack in early 2024, it was believed an affiliate of the ALPHV operation was behind the attack. ALHPV, AKA BlackCat, was a notorious operator that worked on a as-a-service model, sharing the spoils with whomever managed to breach a victim and deploy their code.
However, when an affiliate struck Change Healthcare, and managed to extort it for $22 million, things changed. Instead of sharing the spoils, ALPHV’s operators took it all and disappeared from the face of the earth. The affiliate, which was left holding gigabytes of sensitive data, later rebranded to RansomHub, and became one of the greater threats.
They demanded a second payment, but it is unclear if that ever happened. RansomHub did remove Change Healthcare’s entry from its data leak site, suggesting that the victim firm may have paid it.
Via TechCrunch
+ There are no comments
Add yours