Change Healthcare 2024 Breach: 100+ Million Health Records Exposed
The Change Healthcare ransomware attack was the most disruptive healthcare cyberattack in US history, exposing health records of 100+ million people.
Unlock Full Privacy Intelligence
Get deep-dive reports on every company that touches your data. SeekerPro members see breach timelines, DSAR success rate...
Learn MoreAudit Your Site Free
Run a full privacy and compliance audit on any website in 60 seconds. NexusBro scans cookie consent, tracker behavior, a...
Learn MoreAutomate Privacy Compliance
Stop wasting hours on manual DSAR filings and cookie consent management. BliniBot handles the busywork so your team can ...
Learn MoreData Types Exposed
Response Timeline
February 21 2024: Attack begins; systems taken offline
February-March 2024: Widespread healthcare payment disruptions
March 2024: $22 million ransom reportedly paid
October 2024: 100 million+ individuals affected confirmed
Detailed Analysis
The Change Healthcare breach demonstrated the catastrophic risks of consolidation in healthcare IT. Change Healthcare processes approximately one-third of all US healthcare claims. The attack prevented pharmacies from processing prescriptions for weeks.
The breach at UnitedHealth/Change Healthcare exposed 100 million+ records through blackcat/alphv ransomware via compromised citrix portal lacking mfa. 100 million+ Americans — approximately 1 in 3 Americans may be affected The incident highlights the ongoing challenges organizations face in protecting sensitive user data against increasingly sophisticated attack vectors. Security researchers have noted that breaches of this magnitude often result from a combination of technical vulnerabilities and organizational failures in security practices.
Current status: Largest healthcare data breach in US history; congressional investigation; $22M ransom paid. Affected users should take immediate steps to protect their accounts, including changing passwords, enabling multi-factor authentication, and monitoring financial accounts for unauthorized activity. Filing a DSAR with UnitedHealth/Change Healthcare can help you understand what data was exposed and request its deletion.
What To Do If Affected
- Change your password immediately on this service and any accounts using the same password
- Enable two-factor authentication on all critical accounts
- Monitor your credit reports for unauthorized activity
- Consider placing a credit freeze with major bureaus
- File a complaint with your local data protection authority
Protect Your Data Across Every Platform
Tools trusted by thousands of privacy-conscious users worldwide
No card charged today. Cancel anytime.
Frequently Asked Questions
How many records were affected in the UnitedHealth/Change Healthcare breach?
The UnitedHealth/Change Healthcare data breach affected 100 million+ records. Data types exposed include: health insurance information, medical records, billing data, Social Security numbers, diagnoses, prescription data.
What should I do if I was affected by the UnitedHealth/Change Healthcare breach?
If you were affected, change your passwords immediately, enable two-factor authentication, monitor your credit reports, and consider placing a credit freeze. You can also submit a DSAR to UnitedHealth/Change Healthcare requesting deletion of your data.
Is there compensation for UnitedHealth/Change Healthcare breach victims?
Largest healthcare data breach in US history; congressional investigation; $22M ransom paid Check if a class action settlement exists and whether you are eligible to file a claim.