The Change Healthcare data breach impacted over 190 million patients, making it the largest single breach ever recorded. BlackCat hackers gained access to the system via stolen credentials, exploiting a lack of multifactor authentication. UnitedHealth opted to pay the ransom, but the mastermind behind BlackCat took the full payment, leaving the affiliate who executed the data theft empty-handed. Providers faced interruptions with billing and prescriptions, while smaller providers feared bankruptcy. Over 99% of providers chose Change Healthcare to handle patient notifications about the breach, with an estimated 192.7 million individuals affected as of July 31, 2025.
The Change Healthcare data breach affecting more than 190 million patients stands as the largest single breach ever affecting patients.
Threat actors known as BlackCat used stolen credentials to access systems lacking multifactor authentication, leading to a massive data breach.
UnitedHealth decided to pay the attacker's demands but the admin of BlackCat retained the entire $22 million, leaving the affiliate without payment.
As of July 31, 2025, Change Healthcare estimates that approximately 192.7 million individuals have been potentially impacted by this security incident.
Collection
[
|
...
]