There are plenty of old Russian ex-spies living in the US he could have obtained it from in a manner that is untraceable.
Not sure how much it can mean, but something the Atlanta area and UHG have in common is being recent victims of major cyberattacks from groups tied to Russia.
In February 2024, UHG’s subsidiary, Change Healthcare, suffered a ransomware attack by the ALPHV/BlackCat group, believed to operate from Russia. This breach compromised sensitive data of over 100 million individuals, marking it as one of the largest healthcare data breaches in U.S. history. UHG reportedly paid a $22 million ransom to the attackers.
In March 2018, Atlanta’s municipal government was hit by the SamSam ransomware, which encrypted a significant portion of the city’s data. The attackers demanded a ransom of approximately $51,000 in Bitcoin.
In January 2024, Fulton County, Georgia, experienced a significant cyberattack attributed to the LockBit ransomware group.
Subsequent investigations revealed that LockBit operates as a ransomware-as-a-service (RaaS) model, with its developers and affiliates primarily based in Russia. In May 2024, the U.S. Department of Justice indicted Dmitry Yuryevich Khoroshev, a Russian national alleged to be a leader of the LockBit group.
And to add some points to the timeline above, the DoJ’s investigation into UHC was initiated in October 2023. Thompson’s insider trading allegations stem from sales on February 16, 2024.
Some other things to add, UHG/UHC seems to have significant presence in the Atlanta area with multiple offices and city wide partnerships.
www.cbsnews.com
