Ending Soon! Save 33% on All Access

UnitedHealth Paid Ransom to Cyberhackers After Patients' Personal Data Was Compromised The hack occurred in February.

By Emily Rella

UnitedHealth Group has paid an undisclosed ransom to hackers in an attempt to retain patient data that may have been compromised.

The attack, which happened in February, affected patients of Change Healthcare, a division of United's Optum.

"This attack was conducted by malicious threat actors, and we continue to work with law enforcement and multiple leading cyber security firms during our investigation," a UnitedHealth rep told CNBC. "A ransom was paid as part of the company's commitment to do all it could to protect patient data from disclosure."

Related: A Cyberattack on the Largest Health Insurer in the U.S. Could Put Your Prescriptions and Personal Data at Risk

UnitedHealth revealed that the hacked files contained protected health information and personally identifiable information to "a substantial proportion of people in America," though the company did not disclose exactly how many patients were affected.

So far, UnitedHealth said there was no evidence of data being exfiltrated to be used maliciously, and doctors' charts and medical histories do not seem to be part of the hacked data set.

"We know this attack has caused concern and been disruptive for consumers and providers, and we are committed to doing everything possible to help and provide support to anyone who may need it," said Andrew Witty, CEO of UnitedHealth Group, in a company release.

UnitedHealth estimates it will take several months of analysis to determine the specific individuals affected by the hack, but 22 screenshots from what appeared to be exfiltrated files containing Persona Health Information (PHI) and Personal Identifiable Information (PII) were posted on the dark web for a week.

Related: Maine Hacked in Data Breach, 1.3 Million Residents At Risk

The company is offering two years of free access to a dedicated call center for credit monitoring and identity theft protection to those impacted.

"While this comprehensive data analysis is conducted, the company is in communication with law enforcement and regulators and will provide appropriate notifications when the company can confirm the information involved," UnitedHealth said.

Emily Rella

Entrepreneur Staff

Senior News Writer

Emily Rella is a Senior News Writer at Entrepreneur.com. Previously, she was an editor at Verizon Media. Her coverage spans features, business, lifestyle, tech, entertainment, and lifestyle. She is a 2015 graduate of Boston College and a Ridgefield, CT native. Find her on Twitter at @EmilyKRella.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Business News

TikTok Reportedly Laid Off a 'Large Percentage' of Employees as the App's Fate in the U.S. Remains Unclear

Laid-off TikTok employees were notified Wednesday night through Thursday morning.

Personal Finance

This Investment Bundle Includes a Trading Course and Stock Screener Tool for $150

Approach the stock market with an increased understanding.

Business News

Four Seasons Orlando Responds to Viral TikTok: 'There's Something Here For All Ages'

The video has amassed over 45.4 million views on TikTok.

Growing a Business

5 Strategies to Know As You Scale Your Business

Scaling a service-based company requires a comprehensive approach that goes beyond simply increasing revenue. It requires careful planning, strategic decision-making and a deep understanding of market dynamics.

Growing a Business

The Right Way to Ask Someone for a Million Dollars, According to a Fundraiser Who Does It For a Living

No matter what you're raising money for, Wanda Urbanskia says, the same basic rules apply.