Death of United Healthcare’s CEO Was Likely a Preventable Tragedy
By TorchStone Senior Analyst, Ben West
- Even a basic threat intelligence program could have identified multiple grievances against United Healthcare CEO, Brian Thompson.
- An Executive Protection team could have helped Mr. Thompson arrive safely at the previously announced investor event in a high-profile area.
Police are currently searching for an individual who shot and killed United Healthcare CEO, Brian Thompson, on the morning of Wednesday, December 4. According to preliminary information, the shooter waited outside the Hilton Hotel in Midtown Manhattan for at least 10 minutes before identifying and shooting Mr. Thompson several times in the chest. Emergency responders rushed Mr. Thompson to the nearby Mount Sinai Hospital, where he was pronounced dead.
The shooting has sent shockwaves through the boardrooms and C-suites of corporate America. As practitioners of Executive Protection and Protective Intelligence, TorchStone also took note of the incident and immediately notified clients.
While this attack is cause for concern, it is not cause for panic. Attacks like the one that took Mr. Thompson’s life are preventable. It appears that Mr. Thompson did not have security. While many CEOs forgo a protection detail as part of their day-to-day routine, Dec. 4 was no ordinary day for Mr. Thompson. The shooter attacked Mr. Thompson as he was on his way to the United Healthcare Investor Conference at the Hilton Midtown. It was a major event that had been public for at least the past week. Such high-profile events that require travel (United Healthcare is based in Minnesota) typically justify elevated security support for an executive. While today’s attack was a worst-case scenario, even mundane issues like transportation logistics and muggings can derail an executive’s day. Especially when an investor conference is on the line, what happens to a CEO can and does impact the entire company.
We do not know the shooter’s motive and likely will not have a clear picture for several days. However, we do know that previous attacks against executives like this were preceded by warning signs. An ongoing trial over the murder of Bay Area executive Bob Lee is determining whether the defendant, a friend of Lee’s, murdered him after a long-running dispute over Lee’s relationship with the defendant’s sister and their drug use. In July 2020, the personal assistant to CEO Fahim Saleh followed his boss into his Manhattan apartment and killed him following a dispute over embezzled money. Prior to that, in October 2019, tech CEO Tushar Atre was kidnapped from his home in Santa Cruz, California, and found murdered. Police eventually identified two former employees who harbored grievances over pay disputes as part of the plot.
All of these recent cases and dozens of other similar attacks against executives have two major things in common. First, the executives did not have a protection team at the time of the attack. TorchStone is not aware of even one case in which a corporate executive with protective security was kidnapped or murdered in the United States.
Second, it is important to remember that an attack like this does not just appear out of nowhere. It is the result of a deliberate—and detectable—process we refer to as the attack cycle. The actions that are required to conduct an attack must be conducted, and there are several points during the attack cycle where a would-be attacker is vulnerable to detection—but only if someone is looking.
Finally, the other referenced attacks against executives mentioned above were the culmination of an ongoing dispute that was known to the executive, if not the company in general. We do not know if Mr. Thompson’s shooter was motivated by a personal grievance linked to a specific individual, a business dispute, or general animosity towards the healthcare industry; but we are almost certain that there were warning signs prior to the attack. If someone had been monitoring those warning signs and deploying appropriate assets in response, Mr. Thompson would have most likely attended the investor conference today without incident.
As the CEO of one of the country’s largest health insurers, Mr. Thompson was the target of multiple grievances concerning healthcare issues. Based on a cursory search on the X platform, TorchStone was able to quickly find three critical mentions of Mr. Thompson so far this year. Of course, criticizing someone online does not mean there is a threat against their life, but cataloging grievances and tracking aggrieved individuals through a protective intelligence program is a key step in protecting an executive. Even a basic threat monitoring service would have been able to determine that multiple grievances against the company—specifically calling out Mr. Thompson—were circulating on the day he was scheduled to make a public appearance.
Please find examples of grievances against Brian Thompson circulating on X documented below. While none of them constituted a physical threat on their surface, consistent monitoring and threat assessments are required to assess the severity of each case. We have not included the user’s name as we do not intend to identify them as suspects—we merely want to illustrate that grievances against Mr. Thompson existed and were easily discoverable.
May 15, 2024
An X user accused Mr. Thompson of negatively impacting healthcare services in the Tampa Bay, FL area.
“This is Brian Thompson. The CEO of United Healthcare. He is responsible for the disastrous credentialing process that is going on in the Tampa Bay Area with multiple specialties, including Endocrinology specialty which is in high demand.”
November 20, 2024
An X user suggested that they had been trying to call Mr. Thompson directly and complained that:
“@UHC is blocking calls to CEO Brian Thompson while a disabled veteran woman of color, Shannon Spencer-Watson is fighting for her life after being denied coverage!! So…..please email Brian.Thompson@unitedhealthcare.com to let him know her name!”
January 23, 2024
An X user replied to United Healthcare criticizing their service and noting Mr. Thompson’s pay:
“This company is a joke! By far the worst with getting coverage! I just had to “battle” them to cover a family member’s spine surgery. The rep said I was too late to “upgrade” coverage. CEO Brian Thompson earns $22 MILLION a year! #tuesdayvibe @JohnStossel #unitedhealthcare”
As noted above, a comprehensive security program with a strong protective intelligence component can detect, deter, or prevent attacks like the one that took Mr. Thompson’s life. Tragically, it sometimes takes a horrific incident such as this one before some people recognize the importance and value of a comprehensive security program with a strong protective intelligence component.