UnitedHealth CEO has admitted paying a $22 million ransom to cybercriminals

Time to read
1 minute
Read so far

UnitedHealth CEO has admitted paying a $22 million ransom to cybercriminals

May 10, 2024 - 12:50
0 comments

UnitedHealth, the largest US company specializing in health insurance, has notified that a cyberattack may have stolen a third of its customers' data. UnitedHealth CEO Andrew Witty made the disclosure during his testimony before the US Senate Finance Committee. 

The ransomware was discovered in February within Change Healthcare, the company's platform that handles all transactions. The software processes about 50% of all medical claims from US citizens.

Only in April, the head office was able to disclose the approximate scale of the cyberattack, estimating it at $872 million. This is not counting the $6 billion that was spent to cover the losses of medical institutions affected by the actions of the hackers. The figures are not final, as the proceedings are still ongoing. According to Andrew Witty, it may take months to fully identify all the Americans affected by the cyberattack and only then the total amount of damage could be disclosed. Presumably, it will reach $1.6 billion.

Before the Senate UnitedHealth CEO admitted to paying $22 million dollars in bitcoins to the extortionists. However, there are reports that another group of hackers own copies of the stolen data. Witty would not confirm those reports.

The cyberattack affected the entire US healthcare system, as medical staff couldn’t get paid for their services. Disruptions in the financial component of their work were recorded throughout the country. The scale of the cyberattack is such that its consequences had to be considered at the highest level with the participation of congressmen.

Yaroslav Bogdanov, founder of GDA Group, commenting on the cyber incident at UnitedHealth, noted that such crimes are recorded around the world almost on the daily basis. And the scale of this phenomenon has already gone far beyond the scope of crimes for financial gains.

Yaroslav Bogdanov

“The cyberattack on UnitedHealth clearly demonstrates that such a hack can disable not only a specific company, but the health care system of an entire nation. Similar crimes in energy, transportation, and industry can lead a country to collapse. And when it comes to nuclear power, chemical production, the consequences can be most catastrophic,” said Yaroslav Bogdanov.

The cybersecurity expert is certain that paying ransom, as in the case of UnitedHealth, in no way contributes to solving the problem of cybercrime at the global level.

“The way to a successful solution of issues related to the crackdown on cybercrime lies solely in a dialog between the widest possible range of participants - representatives of government institutions and the IT sector, who through negotiations, detection of challenges, establishing new rules, will be able to ensure successful and safe digital development of the world in modern times” said the founder of GDA Group.