The U.S. Department of Health and Human Services (HHS) has revealed that a cyberattack on UnitedHealth Group’s technology unit, Change Healthcare, compromised the personal data of 192.7 million individuals. The scale of the breach, disclosed on the HHS data breach portal, makes it one of the largest health data breaches in U.S. history.

Impact on Patients and Providers

The breach exposed sensitive patient information, including medical records, billing data, and personal identifiers. The incident disrupted healthcare services across hospitals, pharmacies, and insurance systems nationwide, creating delays in prescriptions, claims, and payments.

Attack Linked to Ransomware Group

Investigations indicate that the attack was carried out by a ransomware group believed to have ties to international cybercrime networks. Hackers gained unauthorized access to Change Healthcare’s systems in February, demanding a ransom reportedly exceeding tens of millions of dollars.

Government and Industry Response

Federal authorities, including the FBI and the HHS Office for Civil Rights, are coordinating with UnitedHealth to contain the fallout. The breach has also reignited debates about cybersecurity vulnerabilities in the U.S. healthcare infrastructure, with lawmakers pushing for stricter regulations and mandatory security upgrades.

UnitedHealth’s Commitment to Recovery

UnitedHealth has assured patients and providers that steps are being taken to restore services and protect affected individuals. The company has also pledged to provide credit monitoring and identity theft protection to those impacted by the breach.