Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
UnitedHealth Group

UnitedHealth Group Vendor Cyber Rating & Cyber Score

unitedhealthgroup.com

UnitedHealth Group is a health care and well-being company with a mission to help people live healthier lives and help make the health system work better for everyone. We are 340,000 colleagues in two distinct and complementary businesses working to help build a modern, high-performing health system through improved access, affordability, outcomes and experiences. Optum delivers care aided by technology and data, empowering people, partners and providers with the guidance and tools they need to achieve better health. UnitedHealthcare offers a full range of health benefits, enabling affordable coverage, simplifying the health care experience and delivering access to high-quality care. We work with governments, employers, partners and


UnitedHealth Group A.I CyberSecurity Scoring

UnitedHealth Group
Company Information
Website:https://www.unitedhealthgroup.com/
Employees number:91,204
Number of followers:1,681,191
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:unitedhealthgroup.com
UnitedHealth Group Risk Score (AI oriented)
Between 0 and 549
logo
UnitedHealth GroupHospitals and Health Care
Updated:
10/07/2026
100/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
UnitedHealth Group Global Score (TPRM)
xxxx
logo
UnitedHealth GroupHospitals and Health Care
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

UnitedHealth Group
UnitedHealth GroupCritical
Current Score
100C (CRITICAL)
01000
25 incidents
-71.5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
100Before Incident
JUNE 2026
100Before Incident
Cyber Attack
02 Jun 2026UnitedHealth Group
UnitedHealth Group and Change Healthcare: KVUE

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare Network

100After Incident
CRITICAL0
UNICHA1780411681
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group, has severely disrupted healthcare operations across the U.S., highlighting vulnerabilities in critical medical infrastructure. The incident, first detected on February 21, 2024, forced the company to disconnect systems to contain the breach, leading to widespread delays in prescription processing, insurance claims, and payment systems for pharmacies, hospitals, and clinics. The attack, attributed to the BlackCat/ALPHV ransomware group, encrypted sensitive data and disrupted services for weeks, with some providers reporting ongoing issues into March. Change Healthcare processes 15 billion healthcare transactions annually, affecting roughly one in three U.S. patient records. While the full scope of compromised data remains unclear, early reports suggest personal and medical information may have been exfiltrated, raising concerns about potential identity theft and fraud. UnitedHealth Group confirmed the attack originated from a compromised credential, allowing threat actors to bypass security measures. The company has since restored some services, but the incident has drawn scrutiny from lawmakers and regulators, including the HHS Office for Civil Rights, which launched an investigation into potential HIPAA violations. The attack underscores the growing targeting of healthcare providers by cybercriminals, who exploit the sector’s reliance on interconnected systems and high-stakes data. As recovery efforts continue, the disruption has left patients facing delayed care and financial strain, while healthcare organizations grapple with operational and reputational fallout. The incident serves as a stark reminder of the cascading effects of cyberattacks on critical services.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: Personal and medical informationSystems Affected: Prescription processing, insurance claims, payment systemsDowntime: WeeksOperational Impact: Widespread delays in healthcare servicesBrand Reputation Impact: HighLegal Liabilities: Potential HIPAA violationsIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Personal and medical informationSensitivity Of Data: HighData Exfiltration: PotentialData Encryption: YesPersonally Identifiable Information: Yes
MAY 2026
100Before Incident
Ransomware
07 May 2026UnitedHealth Group
UnitedHealth Group and Change Healthcare: MSN

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare System

100After Incident
CRITICAL0
UNICHA1778149488
Cyberattack Disrupts Major U.S. Healthcare Provider, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), has caused widespread disruptions across the U.S. healthcare system, delaying payments, prescriptions, and critical medical services. The incident, first detected on February 21, 2024, forced the company to take its systems offline, severing connections with pharmacies, hospitals, and insurers nationwide. The attack has been attributed to the BlackCat (ALPHV) ransomware group, which claimed responsibility and allegedly stole 6 terabytes of sensitive data, including patient records, insurance details, and billing information. While UHG has not confirmed whether a ransom was paid, reports suggest the group received a $22 million payment one of the largest known ransomware payouts to date. The fallout has been severe: pharmacies reported delays in processing prescriptions, healthcare providers faced interruptions in claims processing, and some patients experienced denied or delayed care due to system outages. The U.S. Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) are investigating the breach, which has raised concerns about the vulnerability of healthcare infrastructure to cyber threats. Change Healthcare processes 15 billion healthcare transactions annually, making this one of the most significant cyber incidents to hit the U.S. medical sector. Recovery efforts are ongoing, but the full extent of the data exposure and long-term operational impact remains unclear. The attack underscores the growing risk of ransomware targeting critical healthcare systems, where disruptions can directly endanger patient safety.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: 6 terabytes of sensitive dataSystems Affected: Pharmacy processing, claims processing, medical servicesOperational Impact: Delays in prescriptions, claims processing, and patient care; system outagesBrand Reputation Impact: SevereIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Patient recordsInsurance detailsBilling informationSensitivity Of Data: HighData Exfiltration: YesData Encryption: Yes (ransomware encryption)Personally Identifiable Information: Yes
APRIL 2026
100Before Incident
Ransomware
14 Apr 2026UnitedHealth Group
UnitedHealth Group and Change Healthcare: WUSA9

Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data

100After Incident
CRITICAL0
CHAUNI1776205836
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), has caused widespread disruption across the U.S. healthcare system, impacting pharmacies, hospitals, and patients nationwide. The incident, first detected on February 21, 2024, forced the company to take its systems offline, halting critical services such as prescription processing, insurance claims, and payment systems. The attack has been attributed to the BlackCat/ALPHV ransomware group, which claimed responsibility and later allegedly received a $22 million ransom payment one of the largest known in healthcare. Despite the payment, the group reportedly withheld decryption keys, leaving Change Healthcare to rebuild affected systems independently. The breach exposed sensitive patient data, including medical records, billing information, and personal identifiers, though the full extent of the compromise remains under investigation. The fallout has been severe: pharmacies faced delays in filling prescriptions, healthcare providers struggled with billing disruptions, and patients encountered difficulties accessing medications. The American Hospital Association (AHA) warned of "catastrophic" financial strain on hospitals, some of which reported cash-flow crises due to unprocessed claims. The U.S. Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) are coordinating with law enforcement to assess the breach’s scope and mitigate further risks. Change Healthcare has since restored many services, but the incident underscores the growing threat of ransomware to critical infrastructure, particularly in healthcare, where operational disruptions can have life-threatening consequences. The attack also raises concerns about the BlackCat group’s tactics, including double-extortion schemes and targeting high-value victims for maximum leverage. Investigations into the breach’s origins and potential regulatory penalties are ongoing.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: Sensitive patient data, including medical records, billing information, and personal identifiersSystems Affected: Prescription processing, insurance claims, payment systemsOperational Impact: Widespread disruption across U.S. healthcare system; pharmacies faced delays in filling prescriptions; healthcare providers struggled with billing disruptions; patients encountered difficulties accessing medicationsBrand Reputation Impact: SevereIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Medical recordsBilling informationPersonal identifiersSensitivity Of Data: HighData Encryption: YesPersonally Identifiable Information: Yes
Ransomware
14 Apr 2026UnitedHealth Group
UnitedHealth Group and Change Healthcare: KARE 11

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare Network

100After Incident
CRITICAL0
UNICHA1776140687
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), has caused widespread disruptions across the U.S. healthcare system, impacting pharmacies, hospitals, and patients nationwide. The incident, first detected on February 21, 2024, forced the company to take its systems offline, halting critical services such as prescription processing, insurance claims, and payment systems. The attack has been attributed to the BlackCat/ALPHV ransomware group, which reportedly exploited vulnerabilities in Change Healthcare’s IT infrastructure. While UHG has not confirmed whether a ransom was paid, the group claimed responsibility and later removed its dark web post, a tactic often associated with negotiations or payment. The breach exposed sensitive patient data, though the full extent of the compromise remains under investigation. The fallout has been severe, with pharmacies reporting delays in filling prescriptions, healthcare providers struggling to process claims, and patients facing difficulties accessing medications. Some hospitals have resorted to manual workarounds, while others have temporarily diverted services to alternative systems. The American Hospital Association (AHA) has urged federal agencies to provide emergency funding and support to mitigate the crisis. As of March 2024, Change Healthcare has begun restoring services, but full recovery is expected to take weeks. The incident underscores the growing threat of ransomware to critical infrastructure, particularly in the healthcare sector, where operational disruptions can have life-threatening consequences. Regulatory bodies, including the HHS Office for Civil Rights (OCR), are monitoring the situation for potential HIPAA violations.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: Sensitive patient dataPrescription processingInsurance claimsPayment systemsDowntime: Weeks (ongoing as of March 2024)Operational Impact: Widespread disruptions in pharmacies, hospitals, and patient services; manual workarounds required; service diversions
DATA BREACH
Type Of Data Compromised: Patient dataSensitivity Of Data: High (sensitive patient data)Personally Identifiable Information: Likely (patient data)
APRIL 2026
100Before Incident
Ransomware
09 Apr 2026UnitedHealth Group
Change Healthcare: MSN

Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data

100After Incident
CRITICAL0
CHA1775773596
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A significant cyberattack targeted Change Healthcare, a key subsidiary of UnitedHealth Group, in late February 2024, causing widespread disruptions across the U.S. healthcare system. The attack, attributed to the BlackCat/ALPHV ransomware group, encrypted critical systems, halting claims processing, prescription fulfillment, and payment operations for pharmacies, hospitals, and clinics nationwide. The incident forced healthcare providers to revert to manual processes, delaying patient care and financial transactions. While UnitedHealth Group confirmed the attack on February 21, the full extent of the breach remains under investigation. Early reports suggest sensitive patient data, including medical records and personal information, may have been exfiltrated, raising concerns about potential identity theft and fraud. Change Healthcare, which processes nearly 15 billion healthcare transactions annually, plays a central role in the U.S. medical billing ecosystem. The attack underscores vulnerabilities in third-party healthcare IT infrastructure and the growing threat of ransomware targeting critical services. As of early March, recovery efforts were ongoing, with UnitedHealth Group working to restore systems and mitigate further risks. The incident has prompted discussions among policymakers and cybersecurity experts about strengthening defenses in the healthcare sector.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: Sensitive patient data, including medical records and personal informationSystems Affected: Claims processing, prescription fulfillment, payment operationsOperational Impact: Widespread disruptions, manual processes required, delayed patient care and financial transactionsIdentity Theft Risk: Potential identity theft and fraud
DATA BREACH
Type Of Data Compromised: Medical records, personal informationSensitivity Of Data: HighData Exfiltration: PossibleData Encryption: Yes (ransomware encryption)Personally Identifiable Information: Yes
MARCH 2026
100Before Incident
FEBRUARY 2026
102Before Incident
Ransomware
03 Feb 2026UnitedHealth Group
UnitedHealth Group and Change Healthcare: NEWS CENTER Maine

Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data

100After Incident
CRITICAL-2
CHAUNI1770195897
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), has caused widespread disruptions across the U.S. healthcare system, impacting pharmacies, hospitals, and insurance providers. The incident, first detected on February 21, 2024, forced the company to take its systems offline, halting critical services such as prescription processing, claims submissions, and payment transactions. The attack has been attributed to the BlackCat/ALPHV ransomware group, which claimed responsibility and later listed the stolen data on its dark web leak site. While UHG has not confirmed whether a ransom was paid, reports suggest the hackers may have received a $22 million payment one of the largest known ransomware payouts to date. The breach exposed sensitive patient information, including medical records, billing details, and personal identifiers, though the full extent of the data compromise remains under investigation. The outage has had cascading effects, with pharmacies reporting delays in filling prescriptions, healthcare providers struggling to verify insurance coverage, and patients facing challenges accessing medications. Some hospitals have resorted to manual workarounds, while others have temporarily diverted patients to alternative facilities. The American Hospital Association (AHA) and the U.S. Department of Health and Human Services (HHS) have issued alerts, urging organizations to monitor for potential fraud and reinforce cybersecurity measures. Change Healthcare has since begun restoring services, with partial functionality returning in early March, but full recovery is expected to take weeks. The incident underscores the growing threat of ransomware to critical infrastructure, particularly in the healthcare sector, where operational disruptions can directly endanger patient care. Regulatory scrutiny is likely to follow, as lawmakers and industry groups assess the attack’s implications for data security and resilience in the healthcare ecosystem.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: Sensitive patient information, including medical records, billing details, and personal identifiersSystems Affected: Prescription processing, claims submissions, payment transactionsDowntime: Weeks (partial recovery in early March 2024)Operational Impact: Widespread disruptions across pharmacies, hospitals, and insurance providers; manual workarounds and patient diversionsBrand Reputation Impact: SignificantLegal Liabilities: LikelyIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Medical recordsBilling detailsPersonal identifiersSensitivity Of Data: HighData Exfiltration: Yes (listed on dark web leak site)Data Encryption: Yes (ransomware encryption)Personally Identifiable Information: Yes
JANUARY 2026
256Before Incident
DECEMBER 2025
241Before Incident
Ransomware
11 Dec 2025UnitedHealth Group
UnitedHealth, Ticketmaster, MGM Resorts, Ripple, Snowflake, Google, Allianz, Equifax, Maersk, Toyota, Merck and Oracle: 2025 Cybersecurity Almanac: 100 Facts, Figures, Predictions And Statistics

Global Cybercrime Surge and Major Incidents (2024-2025)

100After Incident
CRITICAL-141
MEREQUUNIMAEMGMGOOTOYSNOALLORARIPTIC1775528897
Cybercrime in 2025: A Global Threat Surpassing National Economies Cybercrime continues to escalate into one of the world’s most lucrative illicit industries, with damages projected to reach $10.5 trillion USD globally in 2025 a figure that, if measured as a country, would rank as the third-largest economy after the U.S. and China. This staggering growth, driven by increasingly sophisticated attacks, underscores the evolving threat landscape as cybercriminals target businesses, governments, and individuals with alarming efficiency. ### The Cybercrime Epidemic: Key Trends - Underreporting Persists: Despite improved reporting practices, less than 25% of global cybercrimes are reported to law enforcement, leaving vast swaths of criminal activity unaddressed. - Youth-Driven Threats: The FBI reports that cybercriminals are getting younger, with the average age of arrested offenders dropping a trend that complicates traditional law enforcement approaches. - Hotspots Identified: A 2024 World Cybercrime Index ranked Russia, Ukraine, China, the U.S., Nigeria, and Romania as the top sources of cybercrime, highlighting concentrated hubs of malicious activity. ### Ransomware: A Pervasive Threat Ransomware remains a dominant force, with attacks increasing 9% year-over-year in 2024. The most active groups Akira, LockBit, RansomHub, FOG, and PLAY targeted critical infrastructure, with 88% of small-to-midsized businesses (SMBs) and 39% of large enterprises experiencing breaches. The financial toll is staggering: - $20 billion USD in 2021 (up from $325 million in 2015). - Projected to exceed $265 billion by 2031, with attacks occurring every 2 seconds by 2031. High-profile incidents in 2024–2025 include: - UnitedHealth’s $1.6 billion loss after a ransomware attack disrupted U.S. healthcare payments. - CDK Global’s auto dealership shutdowns, forcing businesses offline for days after a ransom demand in the tens of millions. - MGM Resorts’ $100 million hit from a 2023 attack that crippled casino operations. ### Cryptocurrency Crime: A Booming Black Market Cryptocurrency-related crimes surged, with $28 billion in illicit funds flowing into exchanges over two years. Key developments: - Ripple co-founder Chris Larsen lost $112.5 million in a 2024 hack one of the largest individual crypto thefts. - Huione, a Cambodian marketplace, processed $70 billion in suspicious transactions since 2021, facilitating scams, fraud, and sanctioned activities. - North Korea’s Lazarus Group was linked to the $625 million Axie Infinity hack (2022), the largest crypto theft to date. ### Major Breaches and Supply-Chain Attacks 2024–2025 saw a wave of supply-chain and cloud-based attacks, exposing vulnerabilities in interconnected systems: - Snowflake Breach: Hackers exploited stolen credentials to access 560 million Ticketmaster records and Live Nation data, prompting a federal investigation. - Salesforce Exploits: The ShinyHunters gang breached dozens of companies, including Google, Allianz, and Toyota, by targeting cloud databases. - MOVEit Hack: The Clop ransomware group compromised 2,600+ organizations, including U.S. government agencies and global corporations. - Oracle Cloud Attack: Over 100 companies were affected by a campaign targeting Oracle’s business software, with damages still being tallied. ### Historic Cyberattacks: Lessons from the Past The report highlights landmark cyber incidents that reshaped security paradigms: - Equifax (2017): 147 million records exposed, including Social Security numbers, due to an unpatched vulnerability. - NotPetya (2017): A $10 billion attack originating in Ukraine, crippling Maersk, Merck, and global supply chains. - WannaCry (2017): Infected 200,000 systems across 150 countries, demanding Bitcoin ransoms. - Stuxnet (2010): A U.S.-Israeli cyberweapon that sabotaged Iran’s nuclear centrifuges. - Heartbleed (2014): A catastrophic OpenSSL flaw that exposed 500,000 servers to data theft. ### The Future of Cybersecurity While AI-driven defenses have reduced breach containment times to 241 days (the lowest in nine years), the same technologies are being weaponized by attackers. With 60% of global data now stored in the cloud and 6 billion internet users by 2025, the attack surface continues to expand. Small businesses remain particularly vulnerable 60% fold within six months of a cyberattack. As cybercrime evolves, the economic and operational risks demand heightened vigilance, though the battle against digital threats shows no signs of slowing.
INCIDENT DETAILS -
TYPE
RansomwareData BreachSupply-Chain AttackCryptocurrency Crime
MOTIVATION
Financial gainData exfiltrationDisruption of critical infrastructureEspionage
IMPACT
Financial Loss: $10.5 trillion (projected global damages in 2025)560 million Ticketmaster recordsLive Nation data147 million Equifax records200,000 systems (WannaCry)500,000 servers (Heartbleed)Healthcare payments (UnitedHealth)Auto dealerships (CDK Global)Casino operations (MGM Resorts)2,600+ organizations (MOVEit)100+ companies (Oracle Cloud)Days (CDK Global)Extended (MGM Resorts)Disrupted U.S. healthcare paymentsForced businesses offlineCrippled casino operationsGlobal supply chain disruptions$1.6 billion (UnitedHealth)$100 million (MGM Resorts)Tens of millions (CDK Global)High (Equifax, Ticketmaster, Live Nation)Federal investigations (Snowflake breach)Fines (Equifax)High (Equifax, Ticketmaster)High (Ticketmaster, Live Nation)
DATA BREACH
Personally Identifiable Information (PII)Payment informationHealthcare dataCorporate data560 million (Ticketmaster)147 million (Equifax)200,000 systems (WannaCry)High (PII, payment info, healthcare data)Yes (Snowflake, ShinyHunters, Clop)Yes (Ransomware attacks)Social Security numbers (Equifax)Customer records (Ticketmaster, Live Nation)
NOVEMBER 2025
306Before Incident
OCTOBER 2025
226Before Incident
SEPTEMBER 2025
244Before Incident
AUGUST 2025
232Before Incident
JUNE 2025
100Before Incident
Ransomware
06 Jun 2025UnitedHealth Group
UnitedHealth

Ransomware Incident Analysis

100After Incident
CRITICAL0
UNI721060625
UnitedHealth faced a significant ransomware attack where its subsidiary, Change Healthcare, was compromised. The attack disrupted pharmacy operations, leading to chaos and a desperate need to fill prescriptions. UnitedHealth ultimately paid $22 million in bitcoin to the ALPHV/BlackCat gang to restore services quickly.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial Gain
MARCH 2025
220Before Incident
Ransomware
01 Mar 2025UnitedHealth Group
Change Healthcare

Massive Cyberattack on Change Healthcare

100After Incident
CRITICAL-120
CHA123030725
Change Healthcare, a subsidiary of UnitedHealth, faced a massive cyberattack which disrupted billions of medical claims processing and cost the company $3.1 billion. Dubbed the most significant attack in U.S. healthcare history, it led to extensive disruptions in the healthcare sector. The attack's magnitude and repercussions across interconnected systems underscore its potential to ripple through and impact an entire industry.
INCIDENT DETAILS -
TYPE
Cyberattack
IMPACT
Financial Loss: $3.1 billionSystems Affected: Medical claims processing systemsOperational Impact: Extensive disruptions in the healthcare sector
FEBRUARY 2025
104Before Incident
Ransomware
21 Feb 2025UnitedHealth Group
UnitedHealth Group

Ransomware Attack on Change Healthcare

100After Incident
CRITICAL-4
UNI002033125
The ransomware attack on Change Healthcare, a component of UnitedHealth Group, reported on February 21, has been notably disruptive within the healthcare industry. This cyberattack is projected to result in financial damages approximating $1.6 billion. The incident has caused considerable perturbation amid providers contending with its extensive repercussions. Recovery efforts are hampered by the lack of clear communication from United Health and Change Healthcare, as providers await definitive instructions from the OCR regarding their reporting duties under HIPAA for this breach.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Financial Loss: $1.6 billion
JULY 2024
100Before Incident
Ransomware
29 Jul 2024UnitedHealth Group
Change Healthcare

Change Healthcare Cyberattack

100After Incident
CRITICAL0
CHA002032225
Change Healthcare experienced a cyberattack leading to widespread disruption of medical billing and pre-authorization services, affecting hundreds of health systems across the United States. The incident resulted in delays in medical procedures, restricted access to prescription medications, financial strains on health systems, and some reportedly facing receivership. The consolidation in healthcare has resulted in fewer alternatives for such services, emphasizing the failures and risks associated with creating single points of failure within critical healthcare infrastructure.
INCIDENT DETAILS -
TYPE
Cyberattack
IMPACT
Delays in medical proceduresRestricted access to prescription medicationsFinancial strains on health systemsSome health systems facing receivershipMedical billing servicesPre-authorization servicesOperational Impact: Widespread disruption of medical billing and pre-authorization services
JULY 2024
259Before Incident
Ransomware
01 Jul 2024UnitedHealth Group
United Health Group

Cyberattack on Change Healthcare

100After Incident
CRITICAL-159
UNI000092824
United Health Group encountered severe financial and operational disruptions due to the cyberattack on its subsidiary, Change Healthcare. The attack impaired medical billing and pre-authorization services, causing healthcare procedures to be delayed and prescriptions to be inaccessible. This led to delayed income for healthcare systems, impacting their ability to pay staff and potentially forcing some into financial turmoil. The resultant lack of care and delayed procedures may have affected patient health outcomes.
INCIDENT DETAILS -
TYPE
Cyberattack
IMPACT
Medical billingPre-authorization servicesDelayed healthcare proceduresInaccessible prescriptionsDelayed income for healthcare systems
JUNE 2024
111Before Incident
Breach
16 Jun 2024UnitedHealth Group
UnitedHealth Group

UnitedHealth Group Cyber-Attack

100After Incident
CRITICAL-11
UNI000013125
UnitedHealth Group, parent company of Change Healthcare, reported a cyber-attack affecting 190 million individuals, an increase of 90 million from initial reports. As one of the largest healthcare payment processors, this incident is the most severe healthcare data breach of 2024. The breach, perpetrated by ransomware group ALPHV/Blackcat, led to substantial financial consequences with costs reaching $3.1 billion, according to the company's financial results. This breach has not only compromised the personal information of millions but also resulted in multiple lawsuits against UnitedHealth Group.
INCIDENT DETAILS -
TYPE
Data Breach, Ransomware
IMPACT
Financial Loss: $3.1 billionData Compromised: Personal information of 190 million individualsLegal Liabilities: Multiple lawsuits
DATA BREACH
Type Of Data Compromised: Personal informationNumber Of Records Exposed: 190 million
MAY 2024
413Before Incident
Ransomware
01 May 2024UnitedHealth Group
UnitedHealth Group

Ransomware Attack on UnitedHealth Group and Change Healthcare

100After Incident
CRITICAL-313
UNI004032125
UnitedHealth Group, the parent company of Change Healthcare, was affected by a ransomware attack that resulted in substantial operational disruption across the healthcare sector. Costs associated with the breach are projected to reach $1.6 billion. This breach compelled healthcare organizations to seek clarifications on their reporting obligations under HIPAA. While the extent of the compromised personal health information (PHI) is still being assessed, the situation highlights the complex challenges involved in managing and securing sensitive healthcare information in the digital age, alongside navigating the intricacies of legal and regulatory compliance.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Financial Loss: $1.6 billionData Compromised: Personal Health Information (PHI)Operational Impact: Substantial operational disruption
DATA BREACH
Type Of Data Compromised: Personal Health Information (PHI)Sensitivity Of Data: High
APRIL 2024
450Before Incident
Breach
01 Apr 2024UnitedHealth Group
UnitedHealth Group Inc.

Cybersecurity Breach at Change Healthcare Unit of UnitedHealth Group Inc.

196After Incident
CRITICAL-254
UNI457070524
UnitedHealth Group Inc. experienced a substantial cybersecurity breach at its Change Healthcare unit, leading to significant financial repercussions. The breach resulted in immediate response costs and broader business disruption, totaling approximately $872 million in the first quarter, with projections of the total pre-tax cost reaching between $1.35 billion and $1.6 billion. Additionally, UnitedHealth is allocating $800 million as claims reserves, to address potential claims from providers due to interrupted services since the breach was reported on February 21. The breach has affected both the network security of Change Healthcare and the continuity of services to providers and partners.
INCIDENT DETAILS -
TYPE
Cybersecurity Breach
IMPACT
$872 million in the first quarter$1.35 billion to $1.6 billion total pre-tax costNetwork security of Change HealthcareContinuity of services to providers and partnersOperational Impact: Interrupted services to providers
MARCH 2024
352Before Incident
Ransomware
01 Mar 2024UnitedHealth Group
UnitedHealth Group

UnitedHealth Group Ransomware Attack

232After Incident
CRITICAL-120
UNI1012070724
UnitedHealth Group experienced a ransomware attack on February 21, which disrupted their services including medical claim handling and revenue cycle services. This resulted in severe delays in processing claims, pushing healthcare providers towards financial distress, with some nearly facing bankruptcy. The attack by the group BlackCat forced UnitedHealth to rebuild services and affected providers have started filing lawsuits due to not maintaining adequate cybersecurity measures, with allegations of sensitive information leaks. UnitedHealth has paid over $2 billion to affected providers and the data compromised in the attack remains undisclosed.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial Gain
IMPACT
Financial Loss: $2 billionMedical claim handlingRevenue cycle servicesDowntime: Severe delays in processing claimsOperational Impact: Rebuild servicesLegal Liabilities: Lawsuits filed by affected providers
FEBRUARY 2024
602Before Incident
Cyber Attack
21 Feb 2024UnitedHealth Group
UnitedHealth Group and Change Healthcare: WNEP

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare Network

350After Incident
CRITICAL-252
UNICHA1768835481
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack targeted Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), on February 21, 2024, crippling critical payment and claims processing systems across the U.S. healthcare sector. The incident, attributed to the BlackCat/ALPHV ransomware group, forced widespread disruptions in pharmacies, hospitals, and clinics, delaying prescriptions, billing, and insurance reimbursements. The attack exploited vulnerabilities in Change Healthcare’s IT infrastructure, encrypting systems and exfiltrating sensitive data, including patient records and financial information. While UHG has not confirmed the full extent of the breach, reports suggest millions of individuals may be affected, with some data already surfacing on dark web forums. In response, UHG isolated affected systems, engaged cybersecurity firms, and worked with law enforcement, including the FBI and CISA. The outage lasted over a week, with partial restoration beginning in early March, though lingering disruptions continued to strain healthcare providers. The incident underscores the growing threat of ransomware to critical infrastructure, particularly in sectors reliant on interconnected digital systems. The fallout has prompted scrutiny of healthcare cybersecurity practices, with industry experts warning of potential long-term financial and operational consequences for providers already grappling with the attack’s aftermath.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: Patient records and financial informationSystems Affected: Payment and claims processing systemsDowntime: Over a weekOperational Impact: Delayed prescriptions, billing, and insurance reimbursementsIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Patient recordsFinancial informationNumber Of Records Exposed: MillionsSensitivity Of Data: HighData Exfiltration: YesData Encryption: YesPersonally Identifiable Information: Yes
Ransomware
21 Feb 2024UnitedHealth Group
UnitedHealth Group and Change Healthcare: JavaScript is disabled

Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data

350After Incident
CRITICAL-252
UNICHA1769160792
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a critical payment and claims processing platform owned by UnitedHealth Group (UHG), has caused widespread disruptions across the U.S. healthcare system. The incident, first detected on February 21, 2024, forced the company to take its systems offline, halting prescription processing, insurance claims, and billing operations for pharmacies, hospitals, and clinics nationwide. The attack has been attributed to the BlackCat/ALPHV ransomware group, which claimed responsibility and allegedly exfiltrated 6 terabytes of sensitive data, including patient records, payment details, and personal information. While UHG has not confirmed whether a ransom was paid, reports suggest the group received a $22 million payment one of the largest known ransomware payouts to date. The fallout has been severe: pharmacies reported delays in filling prescriptions, healthcare providers faced cash flow shortages due to unprocessed claims, and some patients were forced to pay out-of-pocket for medications. The U.S. Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) are investigating the breach, which has raised concerns about the vulnerability of third-party healthcare vendors. Change Healthcare has since restored some services, but full recovery remains ongoing. The incident underscores the growing threat of ransomware to critical infrastructure, particularly in sectors reliant on interconnected digital systems.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: 6 terabytes of sensitive dataSystems Affected: Payment and claims processing systems, prescription processing, insurance claims, billing operationsOperational Impact: Halted prescription processing, insurance claims, and billing operations; cash flow shortages for healthcare providers; patients forced to pay out-of-pocket for medicationsIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Type Of Data Compromised: Patient records, payment details, personal informationSensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes
Ransomware
21 Feb 2024UnitedHealth Group
UnitedHealth Group and Change Healthcare: JavaScript is disabled

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare Network

350After Incident
CRITICAL-252
UNICHA1769031261
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), has severely disrupted healthcare operations across the U.S., exposing sensitive patient data and causing widespread payment processing delays. The incident, first detected on February 21, 2024, forced the company to disconnect critical systems to contain the breach, leading to cascading effects on pharmacies, hospitals, and clinics reliant on its services. BlackCat/ALPHV, a notorious ransomware group, claimed responsibility for the attack, asserting they exfiltrated 6 terabytes of data, including medical records, insurance details, and personal information. While UHG has not confirmed whether a ransom was paid, the group’s involvement suggests a financially motivated breach targeting the healthcare sector’s high-value data. The outage has left providers unable to process claims, verify insurance eligibility, or dispense prescriptions, with some reporting delays in patient care. The American Hospital Association (AHA) warned of "severe financial strain" on smaller healthcare facilities, while federal agencies, including the HHS and FBI, are investigating the incident. Change Healthcare has since restored some services but continues to assess the full scope of the breach. The attack underscores the growing vulnerability of healthcare infrastructure to cyber threats, with experts noting that the sector’s interconnected systems create high-impact targets for ransomware operators. No timeline has been provided for full recovery.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: 6 terabytes of data, including medical records, insurance details, and personal informationSystems Affected: Payment processing, insurance eligibility verification, prescription dispensingOperational Impact: Severe disruption to healthcare operations, delays in patient careBrand Reputation Impact: HighIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Medical recordsInsurance detailsPersonal informationSensitivity Of Data: HighData Exfiltration: 6 terabytes of data exfiltratedPersonally Identifiable Information: Yes
Ransomware
21 Feb 2024UnitedHealth Group
UnitedHealth Group and Change Healthcare: U.S. Investors Accuse South Korea of Discrimination Over Coupang Data Leak

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare Network

350After Incident
CRITICAL-252
UNICHA1769088935
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group, has caused widespread disruption across the U.S. healthcare system, impacting pharmacies, hospitals, and insurance providers. The incident, first detected on February 21, 2024, forced the company to disconnect critical systems to contain the breach, leading to delays in prescription processing, billing, and claims submissions nationwide. The attack has been attributed to the BlackCat/ALPHV ransomware group, which claimed responsibility and allegedly exfiltrated 6 terabytes of sensitive data, including patient records, insurance details, and financial information. While UnitedHealth Group has not confirmed whether a ransom was paid, the group’s dark web leak site previously listed Change Healthcare as a victim before the listing was removed suggesting possible negotiations. The fallout has been severe, with some healthcare providers reporting cash flow disruptions due to halted payments, while patients faced difficulties accessing medications. The American Hospital Association (AHA) and U.S. Department of Health and Human Services (HHS) have issued alerts, urging providers to implement contingency plans. Investigations by cybersecurity firms and federal agencies, including the FBI and CISA, are ongoing to assess the full scope of the breach and its implications for healthcare cybersecurity. This incident underscores the growing threat of ransomware to critical infrastructure, particularly in sectors reliant on interconnected digital systems. The attack’s ripple effects continue to strain an already overburdened healthcare system, raising concerns about long-term vulnerabilities in patient data protection.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: 6 terabytes of sensitive data, including patient records, insurance details, and financial informationSystems Affected: Pharmacies, hospitals, insurance providers, prescription processing, billing, and claims submissions systemsOperational Impact: Delays in prescription processing, billing, and claims submissions; cash flow disruptions for healthcare providersBrand Reputation Impact: SevereIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Type Of Data Compromised: Patient records, insurance details, financial informationSensitivity Of Data: HighData Exfiltration: YesData Encryption: Yes (ransomware encryption)Personally Identifiable Information: Yes
Cyber Attack
21 Feb 2024UnitedHealth Group
UnitedHealth Group: Daedong-USA confronts US data-breach fallout and right-to-repair pressures

Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare Network

350After Incident
CRITICAL-252
UNI1769031536
Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group, has severely disrupted U.S. healthcare operations, causing widespread delays in prescription processing, insurance claims, and payment systems. The incident, detected on February 21, 2024, forced the company to take its systems offline, impacting pharmacies, hospitals, and clinics nationwide. The attack has been attributed to the BlackCat/ALPHV ransomware group, which claimed responsibility and allegedly stole 6 terabytes of sensitive data, including patient records, billing information, and personal details. While Change Healthcare has not confirmed the ransom demand, reports suggest the group sought $22 million in cryptocurrency. The outage has left healthcare providers struggling to verify insurance coverage, process payments, and fill prescriptions, with some pharmacies resorting to manual workarounds. The American Hospital Association (AHA) described the disruption as "the most significant cyberattack on the U.S. healthcare system in history," urging federal intervention. UnitedHealth Group has engaged cybersecurity firms to investigate and restore services, though full recovery remains uncertain. The incident underscores the growing threat of ransomware to critical infrastructure, with regulators and lawmakers scrutinizing healthcare cybersecurity vulnerabilities. No evidence has emerged that the stolen data has been publicly leaked yet.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: 6 terabytes of sensitive dataSystems Affected: Prescription processing, insurance claims, payment systemsOperational Impact: Widespread delays in healthcare operations, manual workarounds requiredBrand Reputation Impact: SignificantIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Type Of Data Compromised: Patient records, billing information, personal detailsSensitivity Of Data: HighData Exfiltration: YesData Encryption: YesPersonally Identifiable Information: Yes
FEBRUARY 2024
830Before Incident
Ransomware
01 Feb 2024UnitedHealth Group
UnitedHealth Group (Change Healthcare)

Cyberattack on Indian Council of Medical Research (ICMR) Leads to Data Breach of 81.5 Crore Citizens

598After Incident
CRITICAL-232
UNI1362813111425
UnitedHealth Group’s subsidiary Change Healthcare suffered a massive cyberattack in February 2024, attributed to the Blackcat (ALPHV) ransomware group. The attack crippled critical systems, disrupting billing, claims processing, and prescription services across the U.S. healthcare sector. Hospitals, pharmacies, and providers faced payment processing outages, delaying patient care and financial transactions. The breach also exposed sensitive patient data, including medical records and personally identifiable information (PII), though the full scope of data theft remains under investigation. UnitedHealth was forced to isolate affected systems, leading to prolonged operational disruptions. The incident triggered federal investigations, with the U.S. Department of Health and Human Services (HHS) and the FBI involved. The financial and reputational damage was severe, with stock drops and lawsuits from affected parties. The attack underscored vulnerabilities in healthcare IT infrastructure, raising concerns about future ransomware threats to critical services.
INCIDENT DETAILS -
TYPE
data breachcyberattack
MOTIVATION
financial gaindata theft
IMPACT
Aadhaar detailspassport detailsnamesphone numbersaddressesmedical recordsBrand Reputation Impact: high (potential loss of public trust in ICMR's data security)Identity Theft Risk: high
DATA BREACH
personal identifiable information (PII)medical recordsgovernment-issued IDs (Aadhaar, passport)Number Of Records Exposed: 81.5 crore (815 million)Sensitivity Of Data: high (includes Aadhaar, passport, and medical data)
Ransomware
01 Feb 2024UnitedHealth Group
Change Healthcare (UnitedHealth Group)

Ransomware Attacks Overview (2011–2025)

598After Incident
CRITICAL-232
CHA455090325
In February 2024, Change Healthcare, a critical division of UnitedHealth Group, fell victim to a devastating BlackCat/ALPHV ransomware attack. The assault crippled its systems, disrupting prescription processing, medical claims, and payment operations across the U.S. healthcare sector. Over 100 million individuals were impacted due to service outages, with hospitals, pharmacies, and insurers facing delays in billing, reimbursements, and patient care. The company paid a $22 million ransom, but total financial losses ballooned to an estimated $2 billion, factoring in operational downtime, recovery costs, and reputational damage. The attack exposed vulnerabilities in third-party supply chains, as the breach originated from compromised credentials in a connected vendor system. Regulatory scrutiny intensified, with federal investigations probing compliance failures under HIPAA and cybersecurity negligence. The incident underscored the escalating threat of RaaS (Ransomware-as-a-Service) models, where affiliate hackers leverage sophisticated tools to target high-value sectors like healthcare, exploiting systemic interdependencies for maximum disruption.
INCIDENT DETAILS -
TYPE
ransomwaredata breachsupply chain attackphishingtriple extortion
MOTIVATION
financial gain (ransom payments, data extortion)disruption of critical infrastructure (e.g., healthcare, supply chains)data theft for dark web sales (e.g., PII, medical records)espionage (e.g., state-linked DanaBot attacks)reputation damage (e.g., leaking sensitive data)
IMPACT
$4B (WannaCry, 2017)$18M (Baltimore, 2019)$50M–$70M (Cognizant, 2020)$4.4M (Colonial Pipeline) + $11M (JBS, 2021)$1.1B (MOVEit breaches, 2023)$22M ransom + $2B losses (Change Healthcare, 2024)$25M (CDK Global, 2024)$160M (CommonSpirit Health, 2022)$300M (Marks & Spencer, 2024–2025)$4B (Sensata Technologies, 2025)Average ransom payment: $2.73M (2024, up from $1.5M in 2023)Average cost per attack: $5.13M (2025, +574% since 2019)93.3M individuals (MOVEit, 2023)9.7M medical records (Medibank, 2022)5.6M patient records (Healthcorps, 2024)726K customers (Patelco Credit Union, 2024)254K users (Kadokawa/Niconico, 2024)500GB (Spanish Tax Agency, 2024)1TB (Nvidia, 2022)190GB (Samsung, 2022)65GB (British Library, University of Hawaii, 2023)PII, payment info, medical records, corporate secrets (e.g., Apple blueprints via Quanta, 2021)300K+ computers (WannaCry, 150+ countries, 2017)650 servers + 150 apps (Sky Lakes Medical Center, 2021)800 servers (Costa Rica government, 2022)10TB data (Canon, 2020)740GB (Toshiba, 2021)1.4M patient records (Lubbock County, 2019)Port of Nagoya (10% of Japan’s trade disrupted, 2023)thousands of dealerships (CDK Global, 2024)US fuel supply (Colonial Pipeline, 2021)US meat supply (JBS, 2021)1 month (Baltimore, 2019)7 months (Sky Lakes Medical Center, 2021)prolonged disruptions (Change Healthcare, CDK Global, 2024)manual processes (University Hospital Center Zagreb, 2024)fuel shortages (Colonial Pipeline, 2021)meat supply disruption (JBS, 2021)healthcare service outages (CommonSpirit, Change Healthcare)auto sales halted (CDK Global, 2024)container operations destroyed (Port of Nagoya, 2023)online retail disruptions (Marks & Spencer, 2024–2025)government crises (Costa Rica, 2022)$2B (Change Healthcare, 2024)$300M (Marks & Spencer, 2024–2025)$160M (CommonSpirit Health, 2022)stock price drops (e.g., Carnival Corp, 2020)market cap drop of £1B (Marks & Spencer, 2025)leaked sensitive data (e.g., Washington DC Police, British Library)loss of trust in healthcare (e.g., Medibank, Healthcorps)publicized breaches (e.g., Christie’s, 2025)fines for regulatory violations (e.g., GDPR, HIPAA)lawsuits from affected customers (e.g., patients, credit union members)SEC disclosures (e.g., Sensata Technologies, 2025)9.7M medical records (Medibank, 2022)5.6M patient records (Healthcorps, 2024)726K customers (Patelco Credit Union, 2024)500K clients (Christie’s, 2025)credit card data (e.g., Patelco Credit Union, 2024)financial records (e.g., Spanish Tax Agency, 2024)cryptocurrency theft (e.g., CoinDash, 2017)
DATA BREACH
PII (e.g., Medibank, Patelco Credit Union)medical records (e.g., CommonSpirit, Healthcorps)payment information (e.g., Spanish Tax Agency)corporate secrets (e.g., Apple blueprints via Quanta)government data (e.g., Washington DC Police, Costa Rica)student/employee data (e.g., Munster Technological University)customer data (e.g., Christie’s, Marks & Spencer)93.3M (MOVEit, 2023)9.7M (Medibank, 2022)5.6M (Healthcorps, 2024)726K (Patelco Credit Union, 2024)254K (Kadokawa/Niconico, 2024)500K (Christie’s, 2025)1.4M (Lubbock County, 2019)70K (Nvidia, 2022)high (PII, medical, financial, corporate secrets)MOVEit (Clop gang, 2023)BlackCat/ALPHV (Change Healthcare, 2024)REvil (JBS, Kaseya, 2021)Lapsus$ (Nvidia, Samsung, 2022)Babuk (Washington DC Police, 2021)Rhysida (British Library, 2023)WannaCry (2017, 300K+ computers)Colonial Pipeline (2021)CDK Global (2024)Change Healthcare (2024)Port of Nagoya (2023)databases (e.g., patient records, customer data)documents (e.g., corporate secrets, legal files)emails (e.g., phishing lures, credentials)source code (e.g., Samsung, Nvidia)financial records (e.g., Spanish Tax Agency)names, addresses, SSNs (e.g., Patelco Credit Union)medical histories (e.g., Medibank, Healthcorps)payment card data (e.g., retail breaches)biometric data (e.g., healthcare breaches)
MARCH 2023
842Before Incident
Cyber Attack
01 Mar 2023UnitedHealth Group
UnitedHealth Group

Cyber Incident at Change Healthcare

827After Incident
CRITICAL-15
UNI315051324
In late February, UnitedHealth Group's subsidiary Change Healthcare suffered a notable cyber incident, causing considerable disruptions within the healthcare system. This breach has impeded healthcare operations nationwide, most critically affecting the ability to submit claims and receive payments. The incident has drawn significant concern from various stakeholders within the healthcare community, raising cash flow issues among hospitals, doctors, pharmacies, and others. To mitigate the impact, the Centers for Medicare & Medicaid Services (CMS) have enacted several immediate measures to assist providers and ensure continued service to patients. The incident emphasizes the critical need for enhanced cybersecurity resilience throughout the healthcare ecosystem and has prompted the Department of Health and Human Services (HHS) to actively engage with federal bodies to provide threat intelligence to the industry and ensure a transparent, effective response to the cyberattack.
INCIDENT DETAILS -
TYPE
Cyber Incident
IMPACT
Claim submission and payment systemsImpeded healthcare operations nationwideCash flow issues among hospitals, doctors, pharmacies, and others
JUNE 2011
843Before Incident
Breach
28 Jun 2011UnitedHealth Group
UnitedHealthcare

UnitedHealth Group Data Breach

812After Incident
CRITICAL-31
UNI146072825
The California Office of the Attorney General reported a data breach involving UnitedHealth Group on March 30, 2012. The breach occurred from June 28, 2011 to December 12, 2011, potentially affecting personal information such as names, Social Security Numbers, and Medicare Healthcare Insurance Numbers, although the total number of individuals affected is unknown.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
namesSocial Security NumbersMedicare Healthcare Insurance Numbers
DATA BREACH
namesSocial Security NumbersMedicare Healthcare Insurance NumbersSensitivity Of Data: High

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for UnitedHealth Group ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in June 2026 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in May 2026 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in April 2026 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in March 2026 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in February 2026 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in January 2026 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in December 2025 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in November 2025 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in October 2025 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in September 2025 ?
?
What was UnitedHealth Group's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on UnitedHealth Group's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with UnitedHealth Group ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view UnitedHealth Group's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?