A massive February hack affecting 100 million people in UN health tech was recorded as the biggest attack.
Key Takeaways
- The cyberattack affected the personal information of 100 million people.
- The breach triggered severe interruptions in claims processing.
- The hacking organization ALPHV, or “BlackCat,” was responsible for the incident.
- The investigation is in its final stages, United Health stated.
The largest healthcare breach in the US occurred in February, and confirmation was received that a change affected the personal information of 100 million people. The US Health Department released this on its website.
In June, the company started informing the impacted patients.
The hacking organization ALPHV, or “BlackCat,” was responsible for the incident. The compromise created extensive interruptions in claims processing, affecting both patients and providers nationwide.
ALPHV penetrated the company’s Citrix remote access service, which lacked multi-factor authentication, by using stolen credentials. They encrypted network equipment and took 6 TB of data; in response, the firm shut down its IT infrastructure To halt the spread.
As part of its obligation to alert nearly one-third of the nation whose personal data may have been compromised by the ransomware assault, UnitedHealth published an official public notice informing about the incident in June.
The number of affected persons was published on a list of data breaches maintained by the Civil Rights Office of the United States Department of Health and Human Services.
The investigation is still underway, and UnitedHealth will continue to notify anyone who may be affected as quickly as possible, according to a statement.
This ransomware attack led to stolen sensitive information. The company indicated at the time that it was impossible to confirm the type of data exposed, although it could have included social security numbers, patient diagnoses, treatment details, health insurance member IDs, and provider billing codes.
UnitedHealth acknowledged paying the claimed $22 million ransom. The ransomware assault resulted in $2.45 billion in losses.
The corporation anticipated earlier this month that the attack, which caused substantial payment and other disruptions across the United States, would have a $705 million impact on revenue this year. In addition to suffering costs related to telling customers about the breach, UnitedHealth extended billions of dollars in loans to providers affected by the hack.
Hacks not only compromise private information but also lead to financial damage. A recent Securities and Exchange Commission’s official X account manipulated the bitcoin prices, raising them to $1000 and then decreasing by $2000 after announcing the correction. The FBI took action and arrested the 25-year-old Alabama man.
Explore other recent cybersecurity news if you missed any.
If you’re interested in contributing, submit your guest post and Write for Us.