💰💣

UnitedHealth Group (UHG) Security Incident

21/02/2024 579 days ago Resolved

Incident Overview

Situation Description

UnitedHealth Group (UHG) subsidiary Change Healthcare experienced a significant cyberattack on February 21, 2024, leading to widespread disruption in healthcare services and concerns about compromised patient data.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Healthcare

Geographic Scope

National (US)

Response Actions

Isolated Compromised Systems Paid a Ransom Offered Post-Breach Remediation Services

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$22,000,000 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) PHI (Protected Health Information) Financial Data (Credit Cards, Bank Accounts)

Primary Impacts

Operational Disruption Financial Loss Data Exposure Reputational Damage

Key Decisions Made

Senator Cassidy requested information from UHG regarding its response to the cyberattack and the lack of MFA on the affected Change Healthcare system.; UHG reportedly paid approximately $22 million to the ALPHV Blackcat ransomware group to prevent the public release of stolen data.; UHG advanced more than $7 billion in funding to providers to mitigate the financial impact of the cyberattack.

Technical Analysis

Attack Method

Unpatched Vulnerability

Threat Actor Attribution

ALPHV Blackcat RansomHub

Vulnerability / Tool

MFA (lack of)

Additional Information

Skip to content Website Search Open Submit Site Search Query Website Search Home Logo Link Published: 05.14.2024 Ranking Member Cassidy Seeks Information from UnitedHealth on Change Healthcare Cyberattack WASHINGTON U.S. Senator Bill Cassidy, M.D. (R-LA), ranking member of the Senate Health, Education, Labor, and Pensions (HELP) Committee, requested information from UnitedHealth Group (UHG) on its response to the February 21 cyberattack on UHG subsidiary Change Healthcare that has wreaked havoc on patients and health care providers nationwide. As one of the nations largest medical claims processors handling the health data for one-third of American patients, the fact that the full extent of the attack is unknown poses serious concerns. On top of the disruption to patients and providers, it is still unknown how many patients and providers have been notified if and how much of their data has been compromised in the breach. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) last December alerting cybersecurity professionals that Change Healthcares attacker, ALPHV Blackcat, was encouraging its affiliates to target health care providers. The CSA also detailed ALPHV Blackcats methods, and mitigation strategies to prevent breaches, including implementing multifactor authentication (MFA) to login systems. UHG has publicly stated that the hackers were able to gain access to its systems through an outdated Change Healthcare system that lacked MFA, despite previous warnings by federal agencies and numerous recommendations that stakeholders should implement MFA as a cybersecurity best practice. Given the serious nature of this incident, Cassidy is seeking answers from UHG on why it did not implement MFA or other agency recommendations that could have prevented the attack. Cassidy also requested information on how UHG is working with providers and other stakeholders to...

... (truncated for display)

Quick Facts

Company:: UnitedHealth Group (UHG)
Date:: 21/02/2024
Status:: Resolved
Decision Maker:: Senator Bill Cassidy
Position:: Ranking Member of the Senate Health, Education, Labor, and Pensions (HELP) Committee
Published:: 14/05/2024

Source Information

Original Query

Change Healthcare SEC 10-Q filing discussion of financial impact from ALPHV attack

View Original Source

Timeline

Information Published

14/05/2024

Incident Occurred

21/02/2024 (579 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats