UnitedHealth Group (UHG) reported that last year’s breach of its technology subsidiary, Change Healthcare, affected 190 million people—nearly double the initial estimate of 100 million following the cyberattack on February 21, 2024. This incident is the largest healthcare data breach in history, affecting one in two citizens and resulting in estimated losses of $2 billion for UHG. This record was previously held by the Anthem breach of 2015 that impacted nearly 79 million records.

The ransomware attack caused widespread disruptions, leading to pharmacy delays and complications with insurance claims processing. The company paid the ransomware group BlackCat/ALPHV $22 million to minimize damage; however, after receiving the ransom, the group reportedly exited the dark web, raising concerns about data recovery. While the extent of the stolen data was not disclosed, one of the group’s affiliates, RansomHub, claimed to have retained at least 4TB of sensitive information and attempted to extort UHG with a second ransom demand. Compromised data includes medical records, billing details, and other sensitive personal information.

UHG’s experience underscores that paying ransom does not guarantee data recovery and highlights the importance of implementing basic cybersecurity practices, including multi-factor authentication and robust backup solutions.