Skip to main content
  1. Home
  2. Computing
  3. News

100 million affected in worst U.S. health care data breach of all time

Add as a preferred source on Google

Until now, the worst health care data breach occurred in 2015, which compromised 78.8 million people. But the ante has been upped.

The cyberattack in question has hit a new record of 100 million people affected — and just happens to have struck the largest health care company in the world (by revenue), UnitedHealth Group.

Recommended Videos

The actual incident happened in February 2024, when a ransomware attack caused disruptions at pharmacies all across the country, originally reported by Reuters. The target was Change Healthcare, a subsidiary of UnitedHealth Group that manages finances for medical providers. Cybercriminals reportedly found their way into the Change Healthcare employee system due to a lack of multi-factor authentication on login credentials.

A statement from the U.S. Senate Committee on Finance described the nightmarish results of the hack, which involved prescriptions going unfilled, doctors and hospitals not getting paid, and insurance companies unable to reimburse medical providers. “The Change Healthcare hack is considered by many to be the biggest cybersecurity disruption to health care in American history,” Sen. Ron Wyden, D-Oregon, said in the committee statement.

Approximately a third of all U.S. citizens are somehow connected to the organization, and that includes lots and lots of personal data. We all knew it was bad at the time, as the CEO of Change Healthcare said the stolen files included the personal health data for “a substantial proportion of people in America,” as reported by TechCrunch.

The attack was claimed to have been committed by the BlackCat ransomware gang, which was confirmed by Change Healthcare. A post on the dark web by the Russia-based group later claimed to have stolen the health and patient information of millions of Americans.

But now, the U.S. Department of Health and Human Services has updated the figure of those affected in its data breach portal to reveal just how bad it really is: a terrifying 100 million people. One industry journal even suggested that the round figure of 100 million could change in the future, as reported by DailyMail. Hopefully that means the actual number could be smaller, but it could just as easily go in the opposite direction.

The sheer scale makes the 5.3 million data breach that affected Mexican health care systems reported on just yesterday look negligible by comparison.

Luke Larsen
Former Senior Editor, Computing
Luke Larsen is the Senior Editor of Computing, managing all content covering laptops, monitors, PC hardware, Macs, and more.
You can now check if a Google ad was made using AI
Google will auto-label its own AI ads, but third-party AI ads still rely on advertisers to come clean.
google-ads-ai-label

Ever looked at an ad and wondered if a real person made it or if it was AI generated in seconds? Google is now giving you a way to find out.

The company just announced a new AI transparency label that tells you whether an ad was created or edited using generative AI tools. The label lives inside Google's My Ad Center, and it is rolling out across Google Search, YouTube, and Discover globally.

Read more
Outlook will soon warn you before you answer an outdated email
Microsoft is bringing reply alerts, rule-based templates, and improved categories to Outlook
Computer, Electronics, Laptop

Microsoft has recently been cleaning up some longstanding Windows 11 pain points, including parts of the Start menu and Search. According to a new report from Windows Latest, the company is also preparing several useful changes for the new Outlook app on Windows 10 and Windows 11, which became generally available in 2024.

Microsoft is adding a warning for users who start replying to an older email after a newer response has arrived in the same conversation. The alert is meant to stop people from replying without seeing the latest information in the thread.

Read more
Google just changed how it grades the AI models you use for Android coding
Android Bench has a new testing framework and eight new models, so the rankings you remember are now out of date.
Android Bench featured.

Google just changed how it measures which AI models are best at writing Android app code, and the update has shuffled the rankings developers use to pick their tools. The company's Android Bench leaderboard, which launched in March, now runs on a new testing system called Harbor. Google says this replaces the older, more generic testing tool it used before, and gives a better read on how models perform on real Android tasks, like updating old code to Jetpack Compose or handling wearable device networking.

New models shake up the top of the list

Read more