💰💣⚙️

Change Healthcare Security Incident

21/02/2024 579 days ago Resolved
Incident Overview
Situation Description

Change Healthcare, a division of Optum and subsidiary of UnitedHealth Group, experienced a cyberattack on February 21, 2024, which compromised customer data and disrupted operations, affecting a significant portion of U.S. medical transactions.

Event Types
Ransomware Malware / Destructive Attack Technical Failure / Outage
Industry Sector
Healthcare
Geographic Scope
National (US)
Response Actions
Isolated Compromised Systems Took Systems or Services Offline Fulfilled Formal Breach Disclosure Obligations Notified Affected Individuals & Entities Offered Post-Breach Remediation Services Managed Public Narrative & Crisis Communications
Impact Analysis
Event Types (3 identified)
Ransomware Malware / Destructive Attack Technical Failure / Outage
Financial Impact
$0 USD
Records Affected
0
Data Types Compromised
PHI (Protected Health Information)
Primary Impacts
Operational Disruption Financial Loss Data Exposure Reputational Damage Legal/Regulatory Penalties
Key Decisions Made
Technical Analysis
Attack Method

Unpatched Vulnerability

Threat Actor Attribution
BlackCat
Vulnerability / Tool
ConnectWise
Additional Information
Quick Facts
Company:
Change Healthcare
Date:
21/02/2024
Status:
Resolved
Decision Maker:
nan
Position:
nan
Published:
2024-05
Source Information
Original Query
UnitedHealth "Change Healthcare" ransomware attack "third-party" impact response
View Original Source
Timeline
Information Published

2024-05

Incident Occurred

21/02/2024 (579 days ago)

Status: Resolved

Estimated resolution based on age

Actions
View Company Profile