100 million people hit in largest healthcare data breach in history — medical info, SSNs and more

A person using a laptop with a warning message appearing on screen
(Image credit: Shutterstock)

More than 100 million people had their personal information and healthcare data stolen in the massive UnitedHealth ransomware attack earlier this year, making it the largest healthcare data breach in the country.

After completing its investigation into February's data breach, the US Department of Health and Human Services said this week that roughly a third of all Americans' health data was exposed in the attack. The findings confirm UnitedHealth's statement back in April that the attack exposed sensitive data for a "substantial proportion of people in America."

In February, the ransomware hacking group ALPHV, also known as "BlackCat," launched a cyberattack on UnitedHealth subsidiary Change Healthcare, causing months of unprecedented outages and disruptions in claims processing across the U.S. healthcare sector. Change Healthcare is one of the largest health payment processing companies in the world and works with leading insurance companies like Aetna, Anthem, Blue Cross Blue Shield, and Cigna.

"On October 22, 2024, Change Healthcare notified [the HHS's Office for Civil Rights] that approximately 100 million individual notices have been sent regarding this breach," reads an FAQ on the HHS website.

According to public notices the company released back in June, the stolen data includes: billing, claims, and payment information; medical information such as diagnoses, test results, and medical record numbers; health insurance information such as member/group ID numbers; and personal information such as Social Security numbers and driver’s licenses or state ID numbers.

UnitedHealth first reported the breach on February 21. Change Healthcare pushed out a data breach notification warning to users the next month. In June, the company issued a public notice as part of its requirement to notify the estimated one-third of the country impacted by the ransomware attack. The federal investigation is still in its final stages, UnitedHealth said in a statement, and the company will continue notifying potentially impacted individuals as quickly as possible.

In a May congressional hearing, UnitedHealth CEO Andrew Witty testified that the hacker group used stolen employee login credentials to breach the company's Citrix remote access service. Crucially, the Citrix profile did not have multi-factor authentication (MFA) turned on, which opened the gates for hackers to remotely access the company's network. Witty told lawmakers that the company has since updated its internal policies to mandate MFA following the cyberattack. UnitedHealth confirmed to Congress it paid the $22 million ransom demand to receive a decryptor under the agreement that the hackers delete the stolen data, but the data deletion never occurred. After receiving the payment, BlackCat pulled an exit scam and shut down its servers.

If you're worried about what can happen if your personal or medical data ends up on the dark web, signing up for one of the best identity theft protection services makes the most sense. While the best antivirus software can protect you and your devices from malware and other threats online, identity theft protection is more useful after a major data breach like this one.

Hopefully, governments will soon start holding companies hit by big breaches like this one more accountable when the attack occurred as a result of an error or oversight on their end.

More from Tom's Guide

Network
Arrow
Intego
Norton
Contract Length
Arrow
Showing 2 of 2 deals
Filters
Arrow
Alyse Stanley
News Editor

Alyse Stanley is a news editor at Tom’s Guide overseeing weekend coverage and writing about the latest in tech, gaming, and entertainment.Prior to joining Tom’s Guide, Alyse worked as an editor for the Washington Post’s sunsetted video game section, Launcher. She previously led Gizmodo’s weekend news desk and has written game reviews and features for outlets like Polygon, Unwinnable, and Rock, Paper, Shotgun. She’s a big fan of horror movies, cartoons, and roller skating.

Read more
An open lock depicting a data breach
Massive healthcare data breach just exposed the personal info of 1 million Americans — what to do now
Screen graphic showing data breach warning
5 worst data breaches of 2024 — including the mother of all breaches
An open lock depicting a data breach
3.5 million hit in major law firm data breach — full names, SSNs, dates of birth, addresses and more exposed
Globe Life insurance company logo on a cell phone in front of a monitor display the About page for the company. Shadowy hand holds the phone.
850,000 people exposed in massive insurance data breach — full names, dates of birth and SSNs
Surfshark graphic of 2024 data breaches
Nearly 700 million American records were leaked in 2024
An open lock depicting a data breach
The top 10 data breaches of 2024
Latest in Online Security
A magnifying glass on top of the Steam logo in a web browser
Valve just pulled a malicious game demo spreading info-stealing malware from Steam
MacBook Pro 2023
New Mac attack is tricking users into thinking their computer is locked — how to stay safe
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Green skull on smartphone screen.
Malicious Android apps with 60 million installs bombarding phones with ads and phishing attacks — how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs
An FBI agent typing on a computer
FBI issues warning to millions of Americans to avoid these websites that can steal your passwords and banking info
Latest in News
A magnifying glass on top of the Steam logo in a web browser
Valve just pulled a malicious game demo spreading info-stealing malware from Steam
Lewis Hamilton of Great Britain and Scuderia Ferrari looks on during Sprint Qualifying ahead of the F1 Grand Prix of China at Shanghai International Circuit in Shanghai, China, on March 21, 2025. (Photo by Song Haiyuan/Paddocker/NurPhoto via Getty Images)
How to watch F1 Chinese GP 1 2025 online without cable – Sprint race, Qualifying
NYTimes Connections
NYT Connections today hints and answers — Saturday, March 22 (#650)
Nintendo Switch 2
Nintendo Switch 2 — 7 biggest questions that need answers at Nintendo Direct April 2
iPhone 17 Air render
iPhone 17 Air — new survey could be bad news for Apple's super thin iPhone
Segway g30lp
Segway recalls 220,000 electric scooters - what to do if yours is on the list