DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Change Healthcare responding to cyberattack; few details known at this point

Posted on February 22, 2024 by Dissent

Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivity issues. They didn’t call it a cyberattack at that point, but by mid-day, their status reports were indicating that they were experiencing “a network interruption related to a cyber security issue.”   A few hours later, they added a statement, “Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact. The disruption is expected to last at least through the day. We will provide updates as more information becomes available.”

Change Healthcare has issued updates every few hours since then. As of this morning, their updates no longer say the disruption is expected to last at least through the day. Now it offers no prediction of how long the disruption will last and merely states, ” We will provide updates as more information becomes available.”

According to the Optum Solutions status page:

This incident affects: Change Healthcare Enterprise, Clinical Network (Clinical Document Collector API, Clinical Exchange, Clinical Exchange Channel Partners including ePrescribe and Orders & Results, Clinical Exchange Labs and Hospitals, CommonWell, Connectivity Gateway), Cost Transparency (Predictive Engagement, Provider Directory, True View), Dental Network (Credentialing Advocate Solution, Dental Claim Attachments, Dental Connect, Dental Credentialing Manager, Dental EDI Network, Dental Practice Analytic Insights, Dental Revenue Cycle Insights, SimpleAttach Solution), Eligibility & Enrollment (Dual Enrollment Advocate & Recert Complete, My Advocate, Part D Complete & Community Advocate, SSI Enrollment Advocate), Medical Network (Advanced Claim Management, Batch Claims, Claiming & Remittance, Claims Automation, Eligibility & Patient Access, ERA Transactions, Medical Claim Attachments, Paper-to-EDI, Payer Connectivity Services, Payer Data Services, Payer Finder website and API, Real-time Eligibility Transactions, Revenue Analytics), Medical Network APIs (Claims Responses and Reports API, Claims Status API, Eligibility API, Institutional Claims API, Payer Finder API, Professional Claims API), Medical Record Retrieval & Clinical Review (Clinical Abstraction, Medical Record Retrieval, Risk Adjustment Coding), Member Engagement & Experience (Interoperability API Connector, Member Payments, Smart Connect, Smart Appointment Scheduling, & Clinical Care Visits), Patient Engagement & Experience (Shop Book and Pay, Virtual Front Desk), Pharmacy Benefits & TPA (Medicaid Pharmacy Benefits Services, Smart Commercial Pharmacy Services), Provider Network Optimization (Contract Manager, Provider Manager, Reimbursement Manager), Revenue Cycle Management (AccuPost, Acuity Revenue Cycle Analytics, Ahi Lobby, AhiQA, Ambulatory Claims Manager, Assurance Reimbursement Management, Claims & Denials Advisor, Claims & Denials Management, Clearance Patient Access Suite, Financial Clearance, National Payments Connector, Patient Engagement Suite, Reporting & Metrics, Revenue Integrity, Revenue Performance Advisor), Risk Adjustment & Quality (Compliance Reporter, Dx Gap Advisor, Edge Complete, EMR Risk Advisor, Encounter Complete, Risk View), Value-Based Care (Business Process as a Service (BPaaS), Episode Manager, HealthQx, Prometheus Analytics, Risk Manager, Third-Party Administration, Value-Based Care Transformation Services), Customer Portals (Client Access System, ConnectCenter, Customer Care Hub, Customer Connection, Download Central, Download Connect, Enrollment Central, Vision), Payer Communications and Payment Services (Communications Complete – Payer, Payer Communications and Print, Payer Enrollment Services, Payment Network Advocate, Settlement Advocate), Provider Communications and Payment Services (Communications Complete – Provider, Member Correspondence Advocate, Patient Billing & Statements, Payment Automation, SmartPay for Providers, SmartPay Payment Integration, SmartPay Plus for Providers), Clinical Decision Support (InterQual® Coordinated Care, InterQual® Customize, InterQual® Review Manager – Hosted, InterQual® Government Services), and Pharmacy Solutions (MedRx, Network Solutions, Revenue Cycle Management, Rx Assist, Rx CardFinder Services, Rx Connect Solution, Rx Edit, SelectRx, UPBS Analytics website, UPBS Claims Manager website, UPBS Claims Processing, UPBS Configuration Manager website, Vaccination Record).

No ransomware group has publicly claimed responsibility for this attack yet. DataBreaches has reached out to a few sources and will update this post if any answers are received.

Change Healthcare is part of Optum Solutions, and is a business associate to covered entities, providing payment and revenue services, as well as clinical decision support and other services. Looking at the number of services being disrupted by this attack will give readers some sense of how big and impactful this breach is.

 

Related posts:

  • Dental Center of Northwest Ohio’s notifies patients after IT vendor Arakÿta experiences ransomware incident
  • MN: Delta Dental Disk with The Smile Center Patient Data on It Stolen Months Ago; No One Notified Patients?! (update1)
  • MN: Delta Dental Disk with The Smile Center Patient Data on It Stolen Months Ago; No One Notified Patients?! (update1)
Category: HackHealth DataOf NoteSubcontractorU.S.

Post navigation

← Unpicking LockBit — 22 Cases of Affiliate Tradecraft
Maryville Addiction Treatment Centers Victim Of Data Breach →

4 thoughts on “Change Healthcare responding to cyberattack; few details known at this point”

  1. Jared M Kinter says:
    February 22, 2024 at 6:18 pm

    My sister is employed by Change Healthcare and it been a bit of a mess, she had clients calling her most of Wednesday Night asking questions as to what was going on and why they couldn’t fill prescriptions or access any of the systems. Luckily she and the rest of the employees are still getting paid. My sister had seen information released from the FBI saying that China has ramped up Cyber attacks against big American Companies and then 2 days later Change Healthcare’s systems get breached……Coincidence? I think not!

    1. Dissent says:
      February 22, 2024 at 7:01 pm

      UHC/Change Healthcare filed an 8-K report with the SEC yesterday about the incident in which they said, “On February 21, 2024, UnitedHealth Group (the “Company”) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems.” If they’re right that it was nation-state associated, could it be China? Sure, but also Russia is ticked off about facing more sanctions over Navalny’s death, and oh yeah, Iran probably isn’t too happy with us, either.

    2. Steve says:
      March 3, 2024 at 7:54 am

      Actually, what you described is exactly the definition of coincidence. Until causality has been established. The FBI was been warning for years about increased cyber threats posed by China, Russia, Iran, and, just as important to systems, criminals using ransomware attacks to extort $$$. Just as likely to be criminal activity as nation state. Why? Because the underlying technology is the same to either type of attacker. Not all attacks require a nation to commit.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.