UnitedHealth Group’s Subsidiary Hit by Suspected Nation-State Cyberattack

On February 21, 2024, Change Healthcare, a leading healthcare technology firm owned by UnitedHealth Group (UHG), experienced a network interruption due to a cyberattack. The company swiftly responded by disconnecting its systems to mitigate further damage. This cyber incident, starting early Wednesday morning, led to significant service outages, impacting healthcare providers and pharmacies across the United States. Local reports from Michigan highlighted the immediate effect on pharmacies unable to process insurance for prescriptions due to the outage. Change Healthcare, a pivotal player in the U.S. healthcare infrastructure, processes 15 billion transactions yearly and manages clinical connectivity solutions that touch one-in-three U.S. patient records.

The cyberattack’s specifics remained undisclosed initially, with UnitedHealth Group and its subsidiaries, Optum and Change Healthcare, providing limited information. However, by late February 22, 2024, UHG identified the likely perpetrators as government-backed hackers in a regulatory filing, though without pinpointing a specific nation-state or presenting the evidence leading to this assertion. The attack’s broad impact and the suspected involvement of nation-state actors underscore the growing cybersecurity threats facing the healthcare sector, emphasizing the critical need for enhanced security measures.

UnitedHealth Group has since engaged leading security experts, collaborated with law enforcement, and informed affected customers, clients, and government agencies. Despite these efforts, the company has not provided a definitive timeline for full service restoration. This cybersecurity breach not only disrupts healthcare services but also raises concerns about the security of sensitive patient data managed by Change Healthcare, reflecting the urgent necessity for robust cyber defense strategies in the healthcare industry.