UnitedHealth's Data Breach Affected 100 Million Americans. Here's What the Cyberattack Exposed. It's the largest healthcare data breach to date.

By Sherin Shibu Edited by Melissa Malamut

Key Takeaways

  • UnitedHealth Group estimates that 100 million Americans were affected by a February cyberattack, as of a new filing.
  • The cyberattack exposed sensitive information, including health records and personally identifiable information like Social Security numbers.
  • Research conducted by the nonprofit Identity Theft Resource Center shows a rise in data breaches in the U.S.

In February, Change Healthcare, a tech company owned by UnitedHealth Group (UHG), underwent a massive cyberattack that involved paying a $22 million ransom to resolve.

On Thursday, UHG quantified the number of people affected by the attack for the first time, eight months after the breach happened. A new filing in the U.S. Department of Health and Human Services portal on Thursday shows that one-third of the U.S. population, or about 100 million Americans, had their data stolen during the breach.

The cyberattack exposed sensitive health records, like medical diagnoses, test results, medications, and health plans, as well as Social Security numbers and other personally identifiable information.

Related: UnitedHealth Paid Ransom to Cyberhackers After Patients' Personal Data Was Compromised

The scope of the attack makes it the largest healthcare data breach ever, surpassing an Anthem incident in 2015 that affected almost 79 million Americans.

According to a testimony given by UHG CEO Andrew Witty before the House Energy and Commerce Committee, the data breach happened when "criminals used compromised credentials" to get into a Change healthcare portal that did not have multi-factor authentication enabled. Change handles payment processing for 15 billion medical claims per year or about 40% of all claims; UHG acquired it in late 2022.

UHG CEO Andrew Witty. Photo Credit: Tom Williams/CQ-Roll Call, Inc via Getty Images

The cyberattack disrupted daily life — some medical providers, hospitals, and pharmacies were unable to fulfill patient prescriptions and process billing for patients for weeks after it happened.

The U.S. is experiencing an overall increase in data breaches. The nonprofit Identity Theft Resource Center says there has been a 72% rise in incidents from 2021 to 2023.

Related: A Cyberattack on the Largest Health Insurer in the U.S. Could Put Your Prescriptions and Personal Data at Risk
Sherin Shibu

Entrepreneur Staff

News Reporter

Sherin Shibu is a business news reporter at Entrepreneur.com. She previously worked for PCMag, Business Insider, The Messenger, and ZDNET as a reporter and copyeditor. Her areas of coverage encompass tech, business, strategy, finance, and even space. She is a Columbia University graduate.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Most Popular

See all
Business News

'Now Accepting Applications': Elon Musk Is Opening a New Preschool in Texas Called Ad Astra. Here's How to Apply.

The school got an official permit last month to operate with as many as 21 students.

By Sherin Shibu
Devices

The Future of Recording Meetings, Calls, and More Is Here and You Can Get It for $100

Revolutionize how you record and analyze conversations.

By Entrepreneur Store
Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

By Eve Gumpel
Business News

'We're Not Allowed to Own Bitcoin': Crypto Price Drops After U.S. Federal Reserve Head Makes Surprising Statement

Fed Chair Jerome Powell's comments on Bitcoin and rate cuts have rattled cryptocurrency investors.

By David James
Business News

A New Hampshire City Was Named the Hottest Housing Market in the U.S. This Year. Here's the Top 10 for 2024.

Zillow released its annual lists featuring the top housing markets, small towns, coastal cities, and geographic regions. Here's a look at the top real estate markets and towns in 2024.

By Erin Davis
Business Ideas

Is Your Business Healthy? Why Every Entrepreneur Needs To Do These 3 Checkups Every Year

You can't plan for the new year until you complete these checkups.

By Scott Snider