Ending Soon! Save 33% on All Access

UnitedHealth Paid Ransom to Cyberhackers After Patients' Personal Data Was Compromised The hack occurred in February.

By Emily Rella

UnitedHealth Group has paid an undisclosed ransom to hackers in an attempt to retain patient data that may have been compromised.

The attack, which happened in February, affected patients of Change Healthcare, a division of United's Optum.

"This attack was conducted by malicious threat actors, and we continue to work with law enforcement and multiple leading cyber security firms during our investigation," a UnitedHealth rep told CNBC. "A ransom was paid as part of the company's commitment to do all it could to protect patient data from disclosure."

Related: A Cyberattack on the Largest Health Insurer in the U.S. Could Put Your Prescriptions and Personal Data at Risk

UnitedHealth revealed that the hacked files contained protected health information and personally identifiable information to "a substantial proportion of people in America," though the company did not disclose exactly how many patients were affected.

So far, UnitedHealth said there was no evidence of data being exfiltrated to be used maliciously, and doctors' charts and medical histories do not seem to be part of the hacked data set.

"We know this attack has caused concern and been disruptive for consumers and providers, and we are committed to doing everything possible to help and provide support to anyone who may need it," said Andrew Witty, CEO of UnitedHealth Group, in a company release.

UnitedHealth estimates it will take several months of analysis to determine the specific individuals affected by the hack, but 22 screenshots from what appeared to be exfiltrated files containing Persona Health Information (PHI) and Personal Identifiable Information (PII) were posted on the dark web for a week.

Related: Maine Hacked in Data Breach, 1.3 Million Residents At Risk

The company is offering two years of free access to a dedicated call center for credit monitoring and identity theft protection to those impacted.

"While this comprehensive data analysis is conducted, the company is in communication with law enforcement and regulators and will provide appropriate notifications when the company can confirm the information involved," UnitedHealth said.
Emily Rella

Entrepreneur Staff

Senior News Writer

Emily Rella is a Senior News Writer at Entrepreneur.com. Previously, she was an editor at Verizon Media. Her coverage spans features, business, lifestyle, tech, entertainment, and lifestyle. She is a 2015 graduate of Boston College and a Ridgefield, CT native. Find her on Twitter at @EmilyKRella.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Most Popular

See all
Business News

'Creators Left So Much Money on the Table': Kickstarter's CEO Reveals the Story Behind the Company's Biggest Changes in 15 Years

In an interview with Entrepreneur, Kickstarter CEO Everette Taylor explains the decision-making behind the changes, how he approaches leading Kickstarter, and his advice for future CEOs.

By Sherin Shibu
By Emily Rella
Business Ideas

87 Service Business Ideas to Start Today

Get started in this growing industry, with options that range from IT consulting to childcare.

By Guen Sublette
Business Models

How to Become an AI-Centric Business (and Why It's Crucial for Long-Term Success)

Learn the essential steps to integrate AI at the core of your operations and stay competitive in an ever-evolving landscape.

By Alex Goryachev
Business News

Melinda French Gates Reveals Her Next Move After Leaving Gates Foundation: 'Set Your Own Agenda or Someone Else Will Set It For You'

French Gates announced that she is donating $1 billion over the next two years.

By Sherin Shibu
Marketing

5 Steps to Preparing an Engaging Industry Presentation

You can make a great impression and generate interest with an exciting, informative presentation. Find out my five secrets to creating an industry presentation guaranteed to wow.

By Cyrus Claffey