Excerpt from HIPAA Journal Article, Published on August 06, 2025
Healthcare provider Change Healthcare experienced one of the largest cyberattacks in U.S. history when hackers targeted its network in February 2024. The attack severely disrupted healthcare operations nationwide, impacting patient care, claims processing, and causing widespread financial strain on providers. Change Healthcare’s parent, UnitedHealth Group, has revealed that approximately 190 million individuals were affected by the breach, nearly doubling earlier estimates.
The breach was orchestrated by the BlackCat ransomware group, which obtained access using compromised credentials on a server lacking multi-factor authentication, allowing the attackers to steal vast amounts of sensitive data, including protected health information. The subsequent outage lasted several weeks, leaving many healthcare providers unable to process claims or verify insurance coverage. This disruption created significant cash flow issues across healthcare sectors.
In response, Change Healthcare began issuing notification letters starting mid-2024 and offered affected individuals complimentary credit monitoring and identity protection services. Despite nearly a year passing since the attack, some affected parties have only recently been informed, highlighting the scale and complexity of managing this breach. Regulatory investigations are ongoing to assess compliance with HIPAA security requirements, but no misuse of data has been reported to date.
Moreover, the attack underscored the urgency for the healthcare industry to bolster cybersecurity defenses, improve employee training, and implement stronger protective measures such as multi-factor authentication to prevent similar incidents. The healthcare sector is actively reviewing incident response and contingency plans to better prepare against future cyber threats.
To delve deeper into this topic, read the original HIPAA Journal article.
