By Sabela Ojea


UnitedHealth said an investigation and review of the data compromised by a recent cyberattack includes protected health or personally identifiable information.

The healthcare and insurance company on Tuesday said "a substantial proportion of people in America" could be affected by the incident, but that it hasn't seen evidence of any removal of materials such as doctors' charts or full medical histories among the data.

The company also warned it will most likely take months to identify and notify the customers and individuals affected.

"We know this attack has caused concern and been disruptive for consumers and providers, and we are committed to doing everything possible to help and provide support to anyone who may need it," Chief Executive Andrew Witty said.

UnitedHealth said it's still working to restore payment processing by its Change healthcare business, which operates the largest U.S. clearinghouse for medical payments in the U.S. and is at 86% of its pre-attack levels.

Pharmacy services are back to near-normal levels, with 99% of pre-incident pharmacies able to process claim, with medical claims across the U.S. health system also running at near-normal levels.

The company's update on the cybersecurity attack follows The Wall Street Journal's article that said the hackers who attacked the Change Healthcare unit were in the company's networks for more than a week before they launched a ransomware strike.

UnitedHealth Group eventually paid a ransom to the attackers, The Wall Street Journal reported, citing a person familiar with the matter.


Write to Sabela Ojea at sabela.ojea@wsj.com; @sabelaojeaguix


(END) Dow Jones Newswires

04-22-24 1851ET