A February ransomware attack on UnitedHealth’s subsidiary Change Healthcare, led by the ALPHV (BlackCat) hacking group, exposed sensitive healthcare data for around 100 million people, impacting claims processing across the U.S. Data stolen included medical, billing, and personal information. Hackers accessed UnitedHealth’s network via stolen employee credentials lacking multi-factor authentication. UnitedHealth paid a $22 million ransom, though data deletion was not confirmed. The incident remains under federal investigation, with notifications ongoing for affected individuals.