Change Healthcare Cyberattack May Impact Providers and Patients

5 min read time
Change Healthcare Cyberattack That Could Impact Thousands of Health Care Providers and Patients Across the U.S.

Earlier this month, the U.S. healthcare technology giant Change Healthcare confirmed it suffered a cyberattack on its systems. In a brief statement on its updates site, the company expressed it was “experiencing a network interruption related to a cyber security issue.” The attack was first reported on Feb 21, at 2:15 am EST, when the company posted an update stating they were experiencing “enterprise-wide connectivity issues.” From there, the company continued to dive into the issue, when nearly 12 hours later, it officially identified the breach as a cyber security issue.

On February 22, at 11:32 a.m., the company issued an update stating, “In the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact.” A notice issued by the American Hospital Association(AHA) warned those connected to the medical company to expect its services to experience prolonged disruptions as the company continues to work on the issue. Companies are also urged to prepare “contingency plans” for their clients if Optum’s services should remain unavailable for an extended period.

The AHA also recommended that “all health care organizations that were disrupted or are potentially exposed by this incident consider disconnection from Optum until it is independently deemed safe to reconnect to Optum.” As of February 29, 2024, Tyler Mason, vice president at UnitedHealth, has confirmed that the cybersecurity issue at Change Healthcare was perpetrated by a Russian-based ransomware and extortion gang known as ALPHV/Blackcat

According to the latest update, Change Healthcare claims they are working closely with third-party experts Mandiant, Palo Alto Network, and law enforcement to better understand the incident and who may be affected. For now, the medical company has no reason to believe that anyone outside of the Change Healthcare systems, Optum, UnitedHealthcare, and UnitedHealth Group systems have been affected by this issue. Change Healthcare claims they are continuing to work on multiple fronts to restore the impacted environment and will continue to be proactive with its systems. 

Founded in 2005, Change Healthcare is a health tech subsidiary of UnitedHealth Group and is headquartered in Nashville, Tennessee. The medical company is a provider of revenue and payment cycle management that connects payers, providers, and patients within the U.S. healthcare system. Change Healthcare employs roughly 14,000 across the United States and, in 2022, reported a yearly revenue of 3.48 billion.

 

Take the Steps To Protect Yourself After a Data Breach

We often leave the security of our private information in the hands of companies who may not have our best interests at heart. In the event you find you have had your personal information accessed due to a data breach, it’s essential to understand what options you have to ensure you are protecting yourself from any fraudulent activity that may take place. After a breach, you will need to monitor your credit. Head to certain credit unions like Equifax, Experian, and Transunion, which offer paid credit security services and free yearly in-depth credit checks.

If you are interested in more frequent or daily credit monitoring services, use companies like Credit Karma, which offers customers free daily access to their credit reports and suspicious activity alerts. While monitoring, if you should discover any fraudulent activity on your account, contact the Federal Trade Commission (FTC), your state's Attorney General's office, or local law enforcement to report the incident. Victims of fraud have the right to be informed if the information in their credit file has been used against them under the Fair Credit Reporting Act.

For more information about the Fair Credit Reporting Act or what you should do in the event that your information has been accessed in a data breach, read more here or head to the FTC’s website at www.identitytheft.gov. Speaking to a data breach attorney can also help you better understand your legal options and who may be liable for any damages you have incurred during and after the breach.

 

Connect With a Class Action Data Breach Attorney

If you believe your personal information was accessed due to the United Healthcare Data breach, do not hesitate to contact a Morgan & Morgan data breach attorney. With over 35 years of experience, we’ve helped thousands of victims recover compensation for their damages and ensure they receive the justice they deserve when major health companies negligently handle their personal information. For more information on how a Morgan & Morgan data breach attorney may be able to help you, click here to take our quiz today.

Disclaimer
This website is meant for general information and not legal advice.

Injured? Getting the compensation you deserve starts here.

An illustration of a broken car.

Deep Dive

Explore more information related to the case process.