UnitedHealth paid ransom to bad actors, says patient data was compromised in Change Healthcare cyberattack

UnitedHealth paid ransom to bad actors, says patient data was compromised in Change Healthcare cyberattack


Omar Marques | Lightrocket | Getty Images

UnitedHealth Group on Monday said it paid a ransom to cyber threat actors to try and protect patient data, following the February cyberattack on its subsidiary Change Healthcare. The company also confirmed that files containing personal information were compromised in the breach.

“This attack was conducted by malicious threat actors, and we continue to work with the law enforcement and multiple leading cyber security firms during our investigation,” UnitedHealth told CNBC in a statement. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure.”

The company did not specify the ransom payment amount.

UnitedHealth, which has more than 152 million customers, said it has also determined that the cyber threat actors accessed files containing protected health information and personally identifiable information, according to a release Monday. The files “could cover a substantial proportion of people in America,” the release said.

Change Healthcare offers payment and revenue cycle management tools. The company facilitates more than 15 billion transactions annually, and one in every three patient records passes through its systems. This means even patients who are not UnitedHealth customers could have been impacted by the attack.

UnitedHealth said in the release that 22 screenshots, allegedly of the compromised files, have been uploaded to the dark web. The company said no other data has been published, and it has not seen evidence that doctors’ charts or full medical histories were accessed in the breach.

“We know this attack has caused concern and been disruptive for consumers and providers and we are committed to doing everything possible to help and provide support to anyone who may need it,” UnitedHealth CEO Andrew Witty said in the release.

UnitedHealth said that concerned patients can visit a dedicated website for access to resources. The company has launched a call center that will offer free identity theft protections and credit monitoring for two years, the release said.

The call center will not be able to offer any details about individual data impact given the “ongoing nature and complexity of the data review,” UnitedHealth said.



Source

Microplastics are everywhere. Here’s why that matters to big oil
Health

Microplastics are everywhere. Here’s why that matters to big oil

Microplastics are increasingly being found in our bodies and food supply.  They are defined as pieces of plastic smaller than 5 millimeters — about the size of a pencil eraser. But they can also be much smaller, like the size of a virus particle or a strand of DNA. Petrochemicals, the building blocks of plastic, […]

Read More
FDA approves first-ever glucose monitoring system for weight loss from Signos 
Health

FDA approves first-ever glucose monitoring system for weight loss from Signos 

Woman with Signos wearable and app Source: Signos The Food and Drug Administration on Wednesday approved the first-ever glucose monitoring system specifically for weight loss from the startup Signos, establishing a new option for Americans to manage their weight.  Current treatment options for losing weight – popular drugs like GLP-1s and surgical interventions – are […]

Read More
Healthy Returns: New study casts doubts on RFK Jr.’s reasons for gutting key vaccine panel
Health

Healthy Returns: New study casts doubts on RFK Jr.’s reasons for gutting key vaccine panel

U.S. Health and Human Services (HHS) Secretary Robert F. Kennedy Jr. speaks as he attends a press conference with Centers for Medicare and Medicaid Services Administrator Mehmet Oz to discuss health insurance reform, at the Department of Health and Human Services in Washington, D.C., U.S., June 23, 2025. Kevin Mohatt | Reuters A version of […]

Read More
Powered by WordPress | WP Magazine by WP Mag Plus