The fallout from the February 21 cyberattack on UnitedHealth Group’s technology unit has created financial strains for small healthcare providers and triggered an investigation by the U.S. health department to ascertain whether protected health data was compromised, Reuters news report said.
While the precise impact of the breach on patient data remains uncertain, it contributes to a growing trend of disruptive cyberattacks targeting U.S. healthcare entities.
The incident underscores the vulnerability of healthcare organizations to cyber threats, with a history of significant breaches affecting millions of individuals’ sensitive information. Here’s a snapshot of some of the largest IT breaches in the sector:
Anthem Inc (2015): 78,800,000 individuals affected; Health insurer.
American Medical Collection Agency (2019): 26,059,725 individuals affected; Medical debt collector.
HCA Healthcare (2023): 11,270,000 individuals affected; Hospital operator.
Premera Blue Cross (2015): 11,000,000 individuals affected; Health insurer.
Excellus Health Plan, Inc (2015): 9,358,891 individuals affected; Health insurer.
Perry Johnson & Associates (PJ&A) (2023): 8,952,212 individuals affected; Medical transcription service provider.
Managed Care of North America (MCNA Dental) (2023): 8,861,076 individuals affected; Dental insurer.
Welltok Inc (2023): 8,493,379 individuals affected; Healthcare technology provider.
23andMe (2023): 6,900,000* individuals affected; Genetic testing company. (Note: Hackers accessed non-health information from 14,000 customer accounts, including names of about 5.5 million customers’ relatives and 1.4 million customers’ extended family members.)
PharMerica Corp (2023): 5,815,591 individuals affected; Healthcare Provider.
Source: Government data, company reports
The cyber security incident at UnitedHealth Group’s tech unit serves as a stark reminder of the urgent need for enhanced cybersecurity measures within the healthcare industry, as stakeholders grapple with the ramifications of such attacks on patient privacy and financial stability.
