Health insurer UnitedHealth Group Inc said on Friday that a cyberattack on its Optum unit, which provides technology services to clients, affected the personal information of about 190 million people.
UnitedHealth Group is a leading US-based diversified healthcare company that provides a broad spectrum of products and services, including health insurance, health benefits services, and technology-enabled health services.
The company said in a statement that the attack, which it discovered in late December, did not involve medical records but included names, addresses, birth dates and Social Security numbers of some individuals.
UnitedHealth said it is working with law enforcement and cybersecurity experts to investigate the incident and is notifying affected individuals. The company also said it is taking steps to improve its cybersecurity defenses.
Key Points
- A cyberattack on UnitedHealth’s Optum unit affected the personal information of about 190 million people.
- The attack did not involve medical records, but included names, addresses, birth dates and Social Security numbers of some individuals.
- UnitedHealth is working with law enforcement and cybersecurity experts to investigate the incident and is notifying affected individuals.
- The company is also taking steps to improve its cybersecurity defenses.
“Change Healthcare is not aware of any misuse of individuals’ information as a result of this incident and has not seen electronic medical record databases appear in the data during the analysis,” the company said, adding that it has provided individual or substitute notice to the “vast majority” of those impacted.
Impact
The hack is a major blow to UnitedHealth’s reputation and could lead to lawsuits and regulatory fines. The company is also likely to face increased scrutiny from its customers and business partners.
The exposed data could be used by criminals for identity theft, fraud, and other crimes. Affected individuals should be on the lookout for suspicious activity and take steps to protect their identities.
Other Important Points
- The reason of the cyberattack has not been disclosed.
- It is not clear how the attackers gained access to UnitedHealth’s systems.
- The company is not saying whether any data was actually stolen.
