{"schema_version":"secwatch.filing_event.v1","accession":"0000731766-24-000045","form_type":"8-K","ticker":"UNH","cik":"0000731766","company_name":"UNITEDHEALTH GROUP INC","filed_at":"2024-02-22T23:59:59+00:00","discovered_at":"2026-05-14T18:03:26.793601+00:00","generated_at":"2026-06-05T21:19:16.445472+00:00","sec_items":["1.05"],"event_type":"cyber","sentiment":"negative","materiality_score":0.7,"calibrated_materiality_score":0.7,"confidence":"high","headline":"UnitedHealth reports cyber breach at Change Healthcare by suspected nation-state actor","bullets":["Suspected nation-state threat actor gained access to Change Healthcare IT systems on Feb 21, 2024.","Company isolated impacted systems; working with law enforcement and leading security experts.","Network interruption specific to Change Healthcare; all other company systems operational.","Cannot estimate duration or extent of disruption; updates at status.changehealthcare.com.","As of filing, company has not determined incident is reasonably likely to materially impact financials."],"urls":{"canonical":"https://secwatch.observer/filing/0000731766-24-000045","json":"https://secwatch.observer/filing/0000731766-24-000045.json","markdown":"https://secwatch.observer/filing/0000731766-24-000045.md","text":"https://secwatch.observer/filing/0000731766-24-000045.txt","edgar_index":"https://www.sec.gov/Archives/edgar/data/731766/000073176624000045/0000731766-24-000045-index.htm","edgar_primary_document":"https://www.sec.gov/Archives/edgar/data/731766/000073176624000045/unh-20240221.htm"},"model":{"generated_by":"deepseek-v4-flash:cloud@v2","generated_at":"2026-06-05T21:19:16.445472+00:00"},"review":{"review_status":"machine_generated","human_reviewed":false,"corrected":false,"correction_note":null,"correction_timestamp":null,"superseded_by":null,"related_filings":[]},"source_grounded_claims":[{"claim_id":"3878d71f503a6420d1ff0742c02c71f6146766e8","claim":"UNITEDHEALTH GROUP INC disclosed a cybersecurity incident: a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems. Impact: the Company proactively isolated the impacted systems from other connecting systems; working to restore systems but cannot estimate the duration or extent of the disruption; certain networks and transactional services may not be accessible. Company determined it not material. Discovered 2024-02-21.","evidence_excerpt":"As of the date of this report, the Company has not determined the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.","evidence_source":"SEC 8-K Item 1.05","evidence_url":"https://www.sec.gov/Archives/edgar/data/731766/000073176624000045/0000731766-24-000045-index.htm","confidence":0.9,"family_label":"Cybersecurity Incidents","details":[{"label":"Nature","value":"a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems"},{"label":"Impact","value":"the Company proactively isolated the impacted systems from other connecting systems; working to restore systems but cannot estimate the duration or extent of the disruption; certain networks and transactional services may not be accessible"},{"label":"Materiality","value":"not material"},{"label":"Discovery","value":"2024-02-21"}],"fact_type":"cyber_incident"}],"license":"Source filings: public domain (SEC EDGAR). Summaries (headline + bullets): CC-BY-4.0; attribute https://secwatch.observer"}