Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update

The company reports most systems are functioning again but that analysis of the data affected will take months to complete.

Dark Reading Staff, Dark Reading

April 23, 2024

1 Min Read
A medical professional holding a tablet with an image overlay indicating global health
Source: Yuri Arcurs via Alamy Stock Photo

UnitedHealth Group, in another unfortunate turn of events, has discovered that a large amount of its customers' personal data was compromised by two recent cyberattacks, from which it is still recovering.

A data review is ongoing, and the company says it expects it to take several more months of analysis before it has "enough information … available to identify and notify impacted customers and individuals." However, the company has not seen personal information like doctors' charts or full medical histories among the impacted data it's examined so far.

Change Healthcare, a subsidiary of UnitedHealth Group, fell victim to a ransomware attack on Feb. 23, ultimately leading to the company deciding to pay off the BlackCat/ALPHV ransomware affiliate responsible, after the US healthcare system fell into disarray. 

The enormity of the attack gained the attention of those in Washington, such as chairman of the Senate's Homeland Security and Governmental Affairs Committee, Sen. Gary Peters (D-Mich.), who encouraged HHS to take whatever steps necessary to prevent such an attack from ever happening again.

However, it didn't stop there. The company reportedly experienced another attack at the hands of RansomHub, which allegedly stole 4TB of company information, including financial data.

Now, in the wake of these new discoveries in its ongoing investigation and analysis, the company reported that many of its affected systems are on their way to being fully operational again: 99% of pre-incident pharmacies are able to process claims, medical claims are flowing at near-normal levels, and payment processing is at 86% of pre-incident levels. UnitedHealth Group also reports that it is in communication with law enforcement and regulators and is providing resources for impacted customers at http://changecybersupport.com

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights