U.S. Department of Health: Hack of UnitedHealth's (UNH.US) tech unit affected 100 million people

According to the U.S. Department of Health and Human Services' Office for Civil Rights website, UnitedHealth (UNH.US) was hit by a hack attack in February that affected the personal information of 100 million people, making it the largest medical data breach in the U.S. UnitedHealth previously said the hackers may have stolen data on a third of Americans, one of the worst hacks in the U.S. healthcare industry.

The company began notifying affected patients in June.

The number of people affected was listed on the HHS Office for Civil Rights' data breach list. UnitedHealth said in a statement that the investigation is still in its final stages and will continue to notify any individuals who may have been affected as soon as possible.

UnitedHealth was hit by a data breach in 2015 that affected nearly 79 million people, Anthem, now known as Elevance Health, said.

UnitedHealth's technology unit was hit by a hack attack by a group called ALPHV, also known as "BlackRock," this year. UnitedHealth first reported the breach on Feb. 21. The breach caused widespread disruptions to claims processing, affecting patients and healthcare providers across the country.

UnitedHealth released a statement in June as part of its request, notifying that about a third of private data in the country may have been leaked in the attack.

At the time, the company said it could not confirm the nature of the data that was leaked, but it may have included Medicare member IDs, patient diagnoses, treatment information and Social Security numbers, as well as billing codes used by providers.

Earlier this month, the company predicted that the business interruption impact this year would be $705 million, the hack attack caused widespread payment and other disruptions across the country. UnitedHealth extended billions of dollars in loans to affected suppliers and incurred costs related to notifying customers about the breach.