UnitedHealth reveals 190 million US citizens were impacted by the Change Healthcare breach
UnitedHealth has confirmed that the total number of customers impacted by last year’s Change Healthcare breach is far higher than previously thought.
190 million US citizens are now expected to have been impacted by the attack, equivalent to well over half of the US population. Previous estimates suggested that the total victims represented a third of the population.
“The vast majority of those people have already been provided individual or substitute notice,” a spokesman for UnitedHealth said in a statement, according to reports from the Wall Street Journal.
“The final number will be confirmed and filed with the Office for Civil Rights at a later date,” they added.
Change Healthcare first detected the deployment of ransomware on its systems in February 2024, which quickly created widespread disruption to operations.
The ALPHV/BlackCat ransomware group claimed responsibility for the attack, to which UnitedHealth Group has admitted to paying a $22 million ransom to recover data stolen by the threat actors.
Afforded no respite, Change Healthcare was then hit with another cyber attack within two months of the original. This second attack was perpetrated by a different threat actor known as RansomHub.
United Healthcare suffered billions in financial damages and its reputation has taken a beating in these subsequent breaches. CTO of SecureAck Simon Phillips thinks this is worth bearing in mind for other firms.
“This should act as a warning to other organizations. Paying a ransom demand doesn’t equal exemption from the other costs and reputational damage associated with attacks,” Phillips told ITPro.
“Firstly, as we are seeing here, there are no guarantees criminals will stick to their word, plus, paying means an organization’s future lies in the hands of threat actors, which is a very dangerous position to be in,” he added.
The focus must be on preparation
Working on the defense against ransomware and improving cyber resilience must be the primary focus for enterprises, Phillips said, as well as cyber hygiene and solid backup processes.
“Organisations must adopt basic cyber hygiene practices, which includes applying MFA across all accounts. They should also adopt a comprehensive back up process to ensure systems can be restored quickly, even in the face of ransomware attack,” he said.
“When organizations combine a successful backup program with automated recovery, ransomware attacks become less impactful and more of a nuisance rather than a cause of destruction,” he added.
Source link
