In February 2024, **Change Healthcare**, a subsidiary of **UnitedHealth Group**, fell victim to a **devastating ransomware attack** orchestrated by the **ALPHV/BlackCat** cybercriminal group. The breach crippled the company’s **payment and claims processing systems**, disrupting healthcare operations nationwide. Over **15,000 U.S. healthcare providers**—including hospitals, pharmacies, and clinics—experienced **outages in prescription processing, insurance claims, and revenue cycle management**. The attack forced many providers to **revert to manual paperwork**, delaying critical medical services and financial transactions.The incident exposed **sensitive patient data**, including **personal, financial, and medical records**, while the **ransom demand reportedly exceeded $22 million**. UnitedHealth Group confirmed the attack **compromised data across its systems**, though the full scope of the breach remains under investigation. The **prolonged downtime**—lasting weeks—**threatened the financial stability of smaller clinics** and pharmacies, some of which faced **cash flow crises** due to unprocessed claims. The U.S. Department of Health and Human Services (HHS) intervened, urging healthcare entities to **mitigate risks** and adopt emergency protocols. The attack underscored vulnerabilities in **third-party healthcare IT infrastructure**, raising concerns about **future cyber threats to the sector**.
TPRM report: https://www.rankiteo.com/company/change-healthcare
"id": "cha0693106092025",
"linkid": "change-healthcare",
"type": "Ransomware",
"date": "2/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{}