Change Healthcare experienced a cyberattack, causing significant service disruption. Health systems relying on its services for medical billing and pre-authorizations were forced to delay procedures and prescriptions, resulting in financial strain, including doctor and nurse salary payment issues, with some pushed towards receivership. The over-reliance on a consolidated service provider highlighted the risk of single points of failure in the healthcare sector, exacerbated by inadequate investment in cybersecurity resiliency within the industry.
TPRM report: https://scoringcyber.rankiteo.com/company/change-healthcare
"id": "cha000082724",
"linkid": "change-healthcare",
"type": "Cyber Attack",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Change Healthcare',
'type': 'Healthcare Service Provider'}],
'description': 'Change Healthcare experienced a cyberattack, causing '
'significant service disruption. Health systems relying on its '
'services for medical billing and pre-authorizations were '
'forced to delay procedures and prescriptions, resulting in '
'financial strain, including doctor and nurse salary payment '
'issues, with some pushed towards receivership. The '
'over-reliance on a consolidated service provider highlighted '
'the risk of single points of failure in the healthcare '
'sector, exacerbated by inadequate investment in cybersecurity '
'resiliency within the industry.',
'impact': {'operational_impact': ['Delay in procedures',
'Delay in prescriptions',
'Doctor and nurse salary payment issues'],
'systems_affected': ['Medical billing', 'Pre-authorizations']},
'lessons_learned': 'The over-reliance on a consolidated service provider '
'highlighted the risk of single points of failure in the '
'healthcare sector, exacerbated by inadequate investment '
'in cybersecurity resiliency within the industry.',
'title': 'Cyberattack on Change Healthcare',
'type': 'Cyberattack'}