Cyberattack on UnitedHealth's Change Healthcare

Chris Swagler | April 26th, 2024


In a shocking revelation, a massive cyberattack on UnitedHealth’s Change Healthcare recently resulted in a substantial loss of $872 million. This incident has once again highlighted the growing threat that cybercrime poses to businesses and the healthcare sector. Change Healthcare, a significant component of UnitedHealth Group is a key player in the healthcare technology sector. They provide data and analytics-driven solutions to improve clinical, financial, and patient engagement outcomes in the U.S. healthcare system. This attack on such an entity highlights the vulnerabilities in even the most sophisticated systems. The breach was discovered in the last week of July 2021, when Change Healthcare identified a potential intrusion in its system.

The company immediately took action to mitigate the risk and thoroughly investigated the incident. However, the attack had already resulted in a significant financial loss, shaking the core of the healthcare technology giant. The exact scale of the damage caused by this cyberattack was unveiled in the company’s recent 10-Q filing with the U.S. Securities and Exchange Commission. The report revealed a staggering loss of $872 million, which was directly attributed to the cyberattack. This figure represents a significant portion of the company’s revenue, bringing the severity of the cyberattack into sharp focus. Moreover, because of the cyberattack, Change Healthcare was forced to discontinue the use of certain software applications, thereby directly impacting its operations.

These disruptions have ripple effects across the healthcare sector, causing delays and disruptions in service delivery. Despite the substantial losses incurred, Change Healthcare has shown resilience and commitment to rectify the situation. The company has engaged cybersecurity experts to help investigate the breach and repair any potential vulnerabilities. They also work closely with law enforcement agencies to ensure the perpetrators are brought to justice. Nonetheless, this incident serves as a stark reminder of the escalating threat of cybercrime. It underlines the need for businesses, especially those in the healthcare sector, to invest in robust cybersecurity measures to safeguard their sensitive information. This includes regular system updates, employee training, and the implementation of advanced security protocols. With the increasing digitization of healthcare services, the sector has become a prime target for cybercriminals. These entities hold vast amounts of sensitive patient data, making them attractive to hackers. As such, healthcare organizations must prioritize cybersecurity to prevent such catastrophic events in the future.

The cyberattack on UnitedHealth’s Change Healthcare has not only resulted in significant financial loss but has also exposed the vulnerabilities in the healthcare sector’s cybersecurity systems. This incident underscores the need for enhanced security measures and a proactive approach to managing cyber threats. It is a call to action for healthcare organizations worldwide to bolster their defenses against the ever-increasing menace of cybercrime. At SpearTip, our advisory services and risk engineering provide a proactive approach to understanding your network vulnerabilities, ShadowSpear provides constant eyes on the glass to respond to active threats, and Incident Response to help organizations get back into a fully operational state following a cyberattack. SpearTip’s engineers and analysts within our 24/7/365 Security Operations Center (SOC) utilize the ShadowSpear Platform to respond to active threats by continuously monitoring your environment. The SOC is built to relieve the burden of cybersecurity from your team by acting and informing their organizations. Our Incident Response Planning (IRP) provides a comprehensive evaluation of a client’s current IRP. If not currently in place, the Advisory Services team will draft and provide a plan that is unique to the client’s needs and operations.

If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.


Connect With Us

Featured Articles

Cuttlefish Malware
Cuttlefish Malware: A New Threat to Routers and Traffic Monitoring
24 May 2024
Security Awareness Training
Security Awareness Training Crucial Role
22 May 2024
Phishing Campaign Assessments
Phishing Campaign Assessments Can Be Effective For Companies
20 May 2024
Incident Response Planning
Incident Response Planning: Why It's Important
17 May 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.