• Home
  • cyber
  • UnitedHealth Group and Change Healthcare: JavaScript is disabled
cyber Ransomware

UnitedHealth Group and Change Healthcare: JavaScript is disabled

Feb 21, 2024 2 min read
UnitedHealth Group and Change Healthcare: JavaScript is disabled

Cyberattack Disrupts Major U.S. Healthcare Network, Exposing Patient Data

A ransomware attack on Change Healthcare, a key subsidiary of UnitedHealth Group (UHG), has severely disrupted healthcare operations across the U.S., exposing sensitive patient data and causing widespread payment processing delays. The incident, first detected on February 21, 2024, forced the company to disconnect critical systems to contain the breach, leading to cascading effects on pharmacies, hospitals, and clinics reliant on its services.

BlackCat/ALPHV, a notorious ransomware group, claimed responsibility for the attack, asserting they exfiltrated 6 terabytes of data, including medical records, insurance details, and personal information. While UHG has not confirmed whether a ransom was paid, the group’s involvement suggests a financially motivated breach targeting the healthcare sector’s high-value data.

The outage has left providers unable to process claims, verify insurance eligibility, or dispense prescriptions, with some reporting delays in patient care. The American Hospital Association (AHA) warned of "severe financial strain" on smaller healthcare facilities, while federal agencies, including the HHS and FBI, are investigating the incident. Change Healthcare has since restored some services but continues to assess the full scope of the breach.

The attack underscores the growing vulnerability of healthcare infrastructure to cyber threats, with experts noting that the sector’s interconnected systems create high-impact targets for ransomware operators. No timeline has been provided for full recovery.

Source: https://www.morningstar.com/news/pr-newswire/20260120ny67391/monroe-university-ltd-data-breach-alert-issued-by-wolf-haldenstein

UnitedHealth Group cybersecurity rating report: https://www.rankiteo.com/company/unitedhealth-group

CHANGE HEALTHCARE TECHNOLOGIES, LLC cybersecurity rating report: https://www.rankiteo.com/company/change-healthcare-technologies-llc

"id": "UNICHA1769031261",
"linkid": "unitedhealth-group, change-healthcare-technologies-llc",
"type": "Ransomware",
"date": "2/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 'Pharmacies, hospitals, clinics, '
                                              'and patients across the U.S.',
                        'industry': 'Healthcare',
                        'location': 'U.S.',
                        'name': 'Change Healthcare',
                        'type': 'Subsidiary'},
                       {'industry': 'Healthcare',
                        'location': 'U.S.',
                        'name': 'UnitedHealth Group (UHG)',
                        'type': 'Parent company'}],
 'data_breach': {'data_exfiltration': '6 terabytes of data exfiltrated',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Medical records',
                                              'Insurance details',
                                              'Personal information']},
 'date_detected': '2024-02-21',
 'description': 'A ransomware attack on Change Healthcare, a key subsidiary of '
                'UnitedHealth Group (UHG), has severely disrupted healthcare '
                'operations across the U.S., exposing sensitive patient data '
                'and causing widespread payment processing delays. The '
                'incident forced the company to disconnect critical systems to '
                'contain the breach, leading to cascading effects on '
                'pharmacies, hospitals, and clinics reliant on its services.',
 'impact': {'brand_reputation_impact': 'High',
            'data_compromised': '6 terabytes of data, including medical '
                                'records, insurance details, and personal '
                                'information',
            'identity_theft_risk': 'High',
            'operational_impact': 'Severe disruption to healthcare operations, '
                                  'delays in patient care',
            'payment_information_risk': 'High',
            'systems_affected': 'Payment processing, insurance eligibility '
                                'verification, prescription dispensing'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'The attack underscores the growing vulnerability of '
                    'healthcare infrastructure to cyber threats, with '
                    'interconnected systems creating high-impact targets for '
                    'ransomware operators.',
 'motivation': 'Financial gain',
 'ransomware': {'data_exfiltration': 'Yes',
                'ransomware_strain': 'BlackCat/ALPHV'},
 'references': [{'source': 'American Hospital Association (AHA)'}],
 'response': {'containment_measures': 'Disconnected critical systems',
              'law_enforcement_notified': 'HHS and FBI',
              'recovery_measures': 'Restored some services'},
 'threat_actor': 'BlackCat/ALPHV',
 'title': 'Ransomware Attack on Change Healthcare Disrupts U.S. Healthcare '
          'Network',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.