Health Care

State Department offers $10 million reward for info on UnitedHealthcare hackers

Change Healthcare, a subsidiary of UnitedHealth Group that manages payment systems for most of the hospitals in the U.S., was hit by a cyberattack in February. The State Department is offering a $10 million reward for information about the Blackcat ransomware group responsible for the hack.

The State Department announced Wednesday it would provide a $10 million reward for information about the Blackcat ransomware group that hacked UnitedHealth Group in February.

“The ALPHV BlackCat ransomware-as-a-service group compromised computer networks of critical infrastructure sectors in the United States and worldwide, deploying ransomware on the targeted systems, disabling security features within the victim’s network, stealing sensitive confidential information, demanding payment to restore access, and threatening to publicize the stolen data if victims do not pay a ransom,” the State Department said in a statement.

Under the department’s Rewards for Justice program, administered by the Diplomatic Security Service, a reward of up to $10 million is being offered for information that would lead to the identification or location of anyone who engaged in the “malicious cyber activities” against U.S. infrastructure on behalf of a foreign government.

The group ALPHV, or Blackcat, was first deployed in 2021. The group’s members have “developed and maintained” ransomware and recruited affiliates to deploy it, the statement said.

Change Healthcare, a subsidiary of UnitedHealth Group that manages payment systems for most of the hospitals in the U.S., was hit by a cyberattack on Feb. 21. Many patients had to pay out-of-pocket for medicines and health care services due to the effects of the attack.


As of mid-March, the health care giant said that it is testing software it must restore from the attack but has no date yet for finishing the recovery. The company restored nearly all its systems for processing prescriptions, and bill and payments, The Associated Press reported.

The State Department announcement comes just after Rep. Jamie Raskin (D-Md.), the ranking member of the House Committee on Oversight and Accountability, asked the company to explain what it is doing to address the ongoing fallout from the cyberattack.

Raksin said he is worried that the company is “restricting the ability of federal agencies to provide applicable assistance to Change Healthcare.” The company has until April 8 to provide a written response.