We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Change Healthcare Hack Led to "Substantial" Theft of Data

Change Healthcare Hack Led to
Author Image Husain Parvez
Husain Parvez Published on 25th April 2024 Cybersecurity Researcher

UnitedHealth Group has acknowledged that a recent ransomware attack on its subsidiary Change Healthcare led to a massive data breach, affecting a "substantial proportion of people in America." The breach, one of the most significant in American healthcare history, resulted in the theft of sensitive patient data across the country.

Initially stolen by the BlackCat/ALPHV ransomware gang, the data was then allegedly passed to a second group, RansomHub, further escalating the situation. TechCrunch reported that the initial intrusion occurred in February, with the attackers gaining access to Change Healthcare's systems for over a week before deploying ransomware. This allowed them to exfiltrate an enormous amount of data.

The severity of the data compromise became apparent when RansomHub began publishing portions of the stolen data online. In response to this continued threat, UnitedHealth was forced to pay the ransom to prevent further data disclosure. "A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure," a UnitedHealth spokesperson told BleepingComputer.

The financial impact of the attack on UnitedHealth has been profound. Not only has the company had to pay two sizable ransoms at this point, it also reported an $872 million loss due to the operational disruptions caused by the initial cyberattack. Services such as payment processing, prescription writing, and insurance claims faced significant delays, contributing to a broader healthcare slowdown.

This breach not only disrupted the financial and operational aspects of US healthcare but also raised serious concerns about the security of sensitive medical data in a sector that is increasingly targeted by cybercriminals. Despite the ransom payment and ongoing efforts to secure their systems, UnitedHealth continues to grapple with the ramifications of the breach.

UnitedHealth CEO Andrew Witty remarked on the ongoing response efforts, saying, "We know this attack has caused concern and been disruptive for consumers and providers, and we are committed to doing everything possible to help and provide support to anyone who may need it."

The company has initiated a detailed analysis of the hacked data, which is expected to take several months. Meanwhile, UnitedHealth is already taking steps to support affected individuals, including the offering of credit monitoring and identity theft protection services.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.