- The violation of united health care data affected around 190 million people
- The number initially oscillated at around 100 million
- The majority of victims have already been informed
The number of people affected by the cyber attack of health care for the change of 2024 is almost double the previous estimates and is now around 190 million, admitted the company.
“Change Healthcare has determined that the total estimated number of people affected by the change of health cyber attack is around 190 million,” said Tyler Mason, spokesperson for Unitedhealth Group.
“The vast majority of these people have already received an individual or substitute opinion. The final number will be confirmed and filed with the civil rights office on a later date. »»
Alphv and Ransomhub
Pirates generally abuse this data in phishing attacks, compromises by business mail, wire fraud and other forms of cyber attack, but so far, this has not happened, added Mason.
He said that the company was: “Not aware of any abusive use of individuals from individuals following this incident and has not seen an electronic medical file databases appear in data during the analysis. »»
In this context, it should be said that the company has paid the ransom request to attackers.
When Healthcare changes held ransomware attack at the beginning of 2024, it was believed that an affiliate of Operation AlphV was at the origin of the attack. The ALHPV, alias Blackcat, was a notorious operator who worked on such a model, sharing the loot with anyone who managed to rape a victim and deploy his code.
However, when an affiliate struck the change of health and managed to export it for $ 22 million, things have changed. Instead of sharing the loot, Alphv’s operators took everything and disappeared from the face of the earth. The affiliate, which was left by holding gigabytes of sensitive data, then renamed Ransomhub, and became one of the greatest threats.
They demanded a second payment, but it is not clear if it has ever happened. Ransomhub has deleted the Healthcare exchange entrance from its data leak site, suggesting that the victim company may have paid it.
Via Techcrunch
