Change Healthcare

In February 2024, Change Healthcare, a major medical billing processor in the US owned by UnitedHealth, suffered a ransomware attack by ALPHV/BlackCat gang, impacting over 100 million people. The breach involved personal data including phone numbers, addresses, financial information, health records, diagnoses, prescriptions, and treatment details. The company paid a $22 million ransom, but the aftermath saw an increased rate of healthcare-focused cyberattacks, along with lawsuits and significant blowback for compromised security measures.

Source: https://www.wired.com/story/worst-hacks-2024/

TPRM report: https://scoringcyber.rankiteo.com/company/change-healthcare

"id": "cha000122724",
"linkid": "change-healthcare",
"type": "Ransomware",
"date": "12/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Over 100 million people',
                        'industry': 'Healthcare',
                        'location': 'US',
                        'name': 'Change Healthcare',
                        'type': 'Medical Billing Processor'}],
 'data_breach': {'number_of_records_exposed': 'Over 100 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['phone numbers',
                                              'addresses',
                                              'financial information',
                                              'health records',
                                              'diagnoses',
                                              'prescriptions',
                                              'treatment details']},
 'date_detected': 'February 2024',
 'description': 'Change Healthcare, a major medical billing processor in the '
                'US owned by UnitedHealth, suffered a ransomware attack by '
                'ALPHV/BlackCat gang, impacting over 100 million people. The '
                'breach involved personal data including phone numbers, '
                'addresses, financial information, health records, diagnoses, '
                'prescriptions, and treatment details. The company paid a $22 '
                'million ransom, but the aftermath saw an increased rate of '
                'healthcare-focused cyberattacks, along with lawsuits and '
                'significant blowback for compromised security measures.',
 'impact': {'brand_reputation_impact': 'Significant blowback for compromised '
                                       'security measures',
            'data_compromised': ['phone numbers',
                                 'addresses',
                                 'financial information',
                                 'health records',
                                 'diagnoses',
                                 'prescriptions',
                                 'treatment details'],
            'legal_liabilities': 'Lawsuits'},
 'motivation': 'Financial Gain',
 'ransomware': {'ransom_demanded': '22 million USD',
                'ransom_paid': '22 million USD',
                'ransomware_strain': 'ALPHV/BlackCat'},
 'regulatory_compliance': {'legal_actions': 'Lawsuits'},
 'threat_actor': 'ALPHV/BlackCat gang',
 'title': 'Change Healthcare Ransomware Attack',
 'type': 'Ransomware Attack'}

Change Healthcare

Estes Forwarding Worldwide

Synnovis

United Natural Foods (UNFI)