Change Healthcare Cyberattack

Stethoscope and lock on keyboard

Change Healthcare Cyberattack

As a subsidiary of UnitedHealth Group, Change Healthcare is one of the largest prescription medication processors and claims to complete 15 billion healthcare transactions each year through its revenue and payment management systems. On February 21, 2024, a cyberattack on Change Healthcare threw healthcare industry operations into arrest as healthcare providers, pharmacies, and hospitals were unable to verify or process insurance claims, payments, or prescriptions. The ransomware attack forced many of the company’s operations offline, which left providers without means to fulfill patients’ prescription medications or a timely way to bill for services and receive payment. Independent physician practices and major health systems alike experienced frustration and worry over keeping operations—patient care—running without any revenue and dwindling cash reserves (CBS).

Responsibility for the attack was claimed by the cybercrime organization BlackCat/ALPHV, a group known for stealing data and leveraging ransomware in exchange for large ransom payments (TechCrunch). This attack that crippled a healthcare industry behemoth highlighted the importance of protecting our nation’s critical cyber infrastructure and the need for organizations to employ sound mitigation against future attacks (AHCJ).

Date of event: February 21, 2024


  • $827 million: cyberattack direct impact cost to UnitedHealth Group as of April 16, 2024 (CBS)
  • $1.3-1.6 billion: estimated cyberattack cost to UnitedHealthGroup through year end (CBS)
  • $100 million: estimated loss, per day, for some healthcare providers (CNN)
  • 249: number or ransomware attacked on healthcare and public health organizations in 2023 (FBI)

Related Resources:

HSDL Featured Topics: Cyber Infrastructure Protection | Ransomware | Cyber Policy

HSDL Search: #Ransomware | Internet Crime Report

Photo credit: wk1003mike via Shutterstock

Scroll to Top