United Health Alliance, one of the largest health insurance providers in the United States, disclosed today that a cyberattack in late March compromised the personal data of approximately 14 million current and former members. The exposed data includes names, Social Security numbers, dates of birth, medical claim histories, and insurance policy details.
The company said the breach was discovered on April 3 after security teams identified unusual data exfiltration patterns on internal servers. Forensic investigators traced the intrusion to a compromised employee VPN credential that was likely obtained through a phishing campaign. The attackers maintained access to the network for approximately 18 days before detection.
United Health Alliance is offering affected members two years of complimentary credit monitoring and identity theft protection through Experian. The company has notified the FBI and the Department of Health and Human Services, which is required under HIPAA breach notification rules. Cybersecurity experts say health insurance data is among the most valuable on dark web marketplaces, often selling for ten times the price of stolen credit card information due to its potential for medical identity fraud.
