«
»

Change Healthcare Appears To Have Been Pwned In A Cyberattack

Change Healthcare has confirmed a cyberattack resulting in the company disconnecting its systems which is impacting its operations.

Change Healthcare is owned by UnitedHealth Group and is one of the largest healthcare technology companies in the US handling 15 billion patient, healthcare transactions annually.

Although the nature of the cyber incident has not been disclosed, Change Healthcare login pages have been inaccessible resulting in local pharmacies and healthcare providers, especially those in Michigan, unable to process prescriptions due to the “nationwide outage from the largest prescription processor in North America,” said Scheurer Health, a healthcare provider in Michigan on its Facebook page.

The incident began early on Tuesday morning and, as of yesterday, a statement on the company website says the disruption is expected to last through the day.

Mark B. Cooper, President & Founder, PKI Solutions had this to say:

   “While Change Healthcare’s swift response and communications are commendable, the cyber-attack highlights the challenges the healthcare industry and its vendors face in safeguarding against evolving cyber threats to their Critical Infrastructure Protection (CIP) environments.

   “The ongoing repercussions of the cyber-attack, such as unfilled prescriptions, underscores the critical need for real-time vigilant monitoring to quickly identify misconfigurations to and alert the appropriate technical and security resources for prompt remediation, preventing them from becoming vulnerabilities. Such proactive measures are essential to defend against unauthorized access that leads to these debilitating outcomes.”

I do applaud their quick action. But I wonder if a post mortem of this incident will reveal that there were things that they could have done to prevent this. Hopefully they are open and transparent about what led up to this and what they have done to prevent a similar occurrence going forward.

This entry was posted on February 23, 2024 at 9:00 am and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Change Healthcare Appears To Have Been Pwned In A Cyberattack”

  1. BlackCat Confirmed As Pwning UnitedHealth’s Tech Unit | The IT Nerd Says:
    February 29, 2024 at 12:58 pm

    […] pwned by the BlackCat ransomware group. And the company confirms this. Which effectively confirms this story that I recently […]

    Reply
  2. The Change Healthcare Hack Has Taken A Weird Turn | The IT Nerd Says:
    March 6, 2024 at 9:15 am

    […] been covering the Change Healthcare hack, and you could read my coverage here, here, and here. Brian Krebs has surfaced some information that shows that this story has taken a […]

    Reply
  3. HHS Opens Investigation Into Change Healthcare Hack | The IT Nerd Says:
    March 14, 2024 at 2:49 pm

    […] do something that led to the attack. Change Healthcare is into the second part after being pwned a few weeks ago. Here’s what HHS had to […]

    Reply
  4. Change Healthcare Paid A Ransom To Deal With Being Pwned…. Maybe | The IT Nerd Says:
    May 6, 2024 at 1:38 pm

    […] might recall that Change Healthcare was pwned. That caused large amounts of disruption for healthcare providers. On top of that, the responsible […]

    Reply

Leave a Reply to BlackCat Confirmed As Pwning UnitedHealth’s Tech Unit | The IT NerdCancel reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading