Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data
A significant cyberattack targeted Change Healthcare, a key subsidiary of UnitedHealth Group, in late February 2024, causing widespread disruptions across the U.S. healthcare system. The attack, attributed to the BlackCat/ALPHV ransomware group, encrypted critical systems, halting claims processing, prescription fulfillment, and payment operations for pharmacies, hospitals, and clinics nationwide.
The incident forced healthcare providers to revert to manual processes, delaying patient care and financial transactions. While UnitedHealth Group confirmed the attack on February 21, the full extent of the breach remains under investigation. Early reports suggest sensitive patient data, including medical records and personal information, may have been exfiltrated, raising concerns about potential identity theft and fraud.
Change Healthcare, which processes nearly 15 billion healthcare transactions annually, plays a central role in the U.S. medical billing ecosystem. The attack underscores vulnerabilities in third-party healthcare IT infrastructure and the growing threat of ransomware targeting critical services. As of early March, recovery efforts were ongoing, with UnitedHealth Group working to restore systems and mitigate further risks. The incident has prompted discussions among policymakers and cybersecurity experts about strengthening defenses in the healthcare sector.
Change Healthcare cybersecurity rating report: https://www.rankiteo.com/company/change-healthcare
"id": "CHA1775773596",
"linkid": "change-healthcare",
"type": "Ransomware",
"date": "4/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Pharmacies, hospitals, and '
'clinics nationwide',
'industry': 'Healthcare',
'location': 'U.S.',
'name': 'Change Healthcare',
'type': 'Subsidiary'},
{'industry': 'Healthcare',
'location': 'U.S.',
'name': 'UnitedHealth Group',
'type': 'Parent Company'}],
'data_breach': {'data_encryption': 'Yes (ransomware encryption)',
'data_exfiltration': 'Possible',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Medical records, personal '
'information'},
'date_detected': '2024-02-21',
'date_publicly_disclosed': '2024-02-21',
'description': 'A significant cyberattack targeted Change Healthcare, a key '
'subsidiary of UnitedHealth Group, in late February 2024, '
'causing widespread disruptions across the U.S. healthcare '
'system. The attack encrypted critical systems, halting claims '
'processing, prescription fulfillment, and payment operations '
'for pharmacies, hospitals, and clinics nationwide. The '
'incident forced healthcare providers to revert to manual '
'processes, delaying patient care and financial transactions. '
'Early reports suggest sensitive patient data, including '
'medical records and personal information, may have been '
'exfiltrated, raising concerns about potential identity theft '
'and fraud.',
'impact': {'data_compromised': 'Sensitive patient data, including medical '
'records and personal information',
'identity_theft_risk': 'Potential identity theft and fraud',
'operational_impact': 'Widespread disruptions, manual processes '
'required, delayed patient care and '
'financial transactions',
'systems_affected': 'Claims processing, prescription fulfillment, '
'payment operations'},
'investigation_status': 'Ongoing',
'ransomware': {'data_encryption': 'Yes',
'data_exfiltration': 'Possible',
'ransomware_strain': 'BlackCat/ALPHV'},
'response': {'recovery_measures': 'Ongoing recovery efforts to restore '
'systems'},
'threat_actor': 'BlackCat/ALPHV',
'title': 'Cyberattack Disrupts Major U.S. Healthcare Network, Exposing '
'Patient Data',
'type': 'Ransomware'}