A group of Nigerian hackers gained access to the UnitedHealthcare database and stole over six terabytes of private information and private health records belonging to 120 million Americans who were insured by the company according to a lawsuit filed by 60 affected Americans on Wednesday.

In February 2024, the hackers gained access to UnitedHealthcare’s computer systems through a series of synchronised cyberattacks. The registered clients’ names, addresses, emails, and social security numbers were stolen, and they are currently pursuing legal action.

Read also: Samsung Health digitises users’ medical history, prescriptions and hospital appointments

Lawsuit against UnitedHealthcare 

A class action lawsuit has been filed by numerous Americans against the corporation in the U.S. District Court for the District of Minnesota, alleging that a 2024 database breach resulted in the theft of their confidential health information.

The lawsuit, which was filed on January 15, 2025, states that the hacking began on February 21, 2024. Although the breach was primarily planned by Russia-based BlackCat, they claimed that Nigerians downloaded the majority of the stolen files. However, some downloads also took place in Brazil and Russia.

“The data was quickly spread across five continents: North America, Asia, Europe, Africa, and South America. In the end, it was downloaded by 47 different parties,” stated the suit filed on Wednesday.

Read also: CIRA Care set to transform childcare, elder care in Middle East with $27.7 million investment

“It was mainly downloaded by users in Nigeria, Russia, and Brazil, with the most activity coming from Nigeria and Russia,” it added. “This experiment demonstrated that data released on the dark web will quickly spread around the world.”

At least 60 Americans are participating in the action, each of whom claims in court documents that the breach negatively affected them.

This breach is regarded as one of the biggest in the history of the healthcare industry.