A massive ransomware attack on Change Healthcare, a UnitedHealth-owned health tech company, has resulted in the theft of sensitive medical data on at least 100 million people in the US, making it one of the largest data breaches in history. The attack, which occurred in February, has had far-reaching consequences for the healthcare sector, with many hospitals, pharmacies, and medical practices affected.

Change Healthcare, which processes billing and insurance for hundreds of thousands of healthcare providers across the US, collects and stores vast amounts of highly sensitive medical data on patients. The company's systems were breached by a ransomware gang known as ALPHV/BlackCat, which demanded a ransom in exchange for the stolen data. UnitedHealth paid a ransom of $22 million, but the hackers disappeared, and the stolen data was not returned.

The attack was initially reported on February 21, when Change Healthcare's systems suddenly went offline, causing widespread disruption to healthcare services. The company later confirmed that it had been hit by a ransomware attack, and that the hackers had stolen sensitive medical data, including medical records, health insurance information, and financial data.

In the aftermath of the attack, the US government increased its bounty to $10 million for information leading to the capture of the ALPHV/BlackCat gang. However, the gang's affiliate, who claimed to have stolen the data, set up a new extortion racket called RansomHub and published a portion of the stolen files, demanding a second ransom from UnitedHealth.

UnitedHealth has since confirmed that the ransomware attack affects a "substantial proportion of people in America," and that the stolen data includes highly sensitive information. The company has begun notifying affected individuals, but the process has been slow, with many people still waiting to receive notification.

The incident has raised concerns about the security of healthcare data and the vulnerability of healthcare providers to cyberattacks. UnitedHealth Group's chief executive, Andrew Witty, testified before lawmakers that the hackers broke into Change Healthcare's systems using a single set password on a user account not protected with multi-factor authentication, highlighting the importance of basic cybersecurity measures.

The data breach has also led to a lawsuit against Change Healthcare, filed by the state of Nebraska, accusing the company of security failings that led to the massive breach. The lawsuit alleges that Change Healthcare had poorly segmented IT systems, which allowed the hackers to travel freely between servers once inside the company's firewall.

The incident serves as a stark reminder of the importance of robust cybersecurity measures in the healthcare sector, where sensitive patient data is at risk of being exploited by cybercriminals. As the healthcare industry continues to grapple with the consequences of this massive data breach, it is clear that more needs to be done to protect patient data and prevent such attacks in the future.