In February 2024, Change Healthcare, a UnitedHealth Group subsidiary that processes 60% of U.S. prescription payments, was hit by a ransomware attack attributed to the ALPHV/BlackCat group (Read our initial coverage of the attack). The financial toll of this attack is significant, with UnitedHealth Group’s Q3 earnings report stating a cost of $2.46B for the Change Healthcare attack alone, and the total anticipated cost reaching a substantial $2.87B. 

This cyberattack severely disrupted Change's ability to process prescription transactions, impacting patients, healthcare providers, and businesses that rely on its services. The ripple effects of this attack include businesses facing revenue losses, reputational damage, legal costs, and operational disruptions. As of June 2024, 49 lawsuits have been filed against Change Healthcare, underscoring the serious and far-reaching consequences of cyber threats in the healthcare sector.

Why Healthcare is an Increasing Cyber Target

The healthcare sector has seen rapid digitization over the past decade, bringing both innovation and challenges. While new technologies streamline operations and improve patient care, they also expose healthcare organizations to significant cyber risks. Several factors make healthcare a prime target for cyberattacks.

• Value of Medical Data: Patient health records are extremely valuable on the black market since they include personal identification information (PII), insurance details, medical histories, and payment information. This data can be used for identity theft and fraud or sold to other criminal enterprises. Additionally, stolen medical records are harder to replace than credit card information, making the long-term damage more severe for both patients and providers.

• Outdated IT Infrastructure: Many healthcare organizations operate with outdated or unpatched IT systems. Hospitals and clinics are often slow to update their infrastructure due to budget constraints or a lack of dedicated cybersecurity expertise. These vulnerabilities make it easier for cybercriminals to exploit weaknesses and launch attacks, particularly ransomware and phishing campaigns.

• Increased Digital Integration: With the rise of telemedicine, wearable medical devices, and electronic health records (EHRs), healthcare systems are becoming more interconnected than ever before. While this digital integration improves patient care, it also expands hackers' attack surface. Every connected device, system, or third-party service provider represents a potential entry point for cybercriminals, making it increasingly difficult to protect against breaches.

Emerging Cyber Attacks in Healthcare

Across industries, companies are seeing an increase in cyber-attacks and the emergence of new types of attacks. The healthcare sector must remain vigilant to safeguard its systems and patients' information from ransomware to third-party vulnerabilities. Below are two of the most pressing cyber risks impacting the industry today.

• Ransomware and Phishing Attacks: Ransomware, such as the one that struck Change Healthcare, remains a significant threat to the sector. Cybercriminals encrypt essential data and demand payment to restore access, impacting healthcare operations. Phishing attacks are also prevalent, where attackers trick employees into revealing sensitive information or granting access to systems through deceptive emails or messages.

• Third-Party Risks: Healthcare organizations often rely on external vendors for services like billing, record management, and IT support. This dependence on third-party providers introduces additional risks, as any vulnerabilities in these external systems can affect the entire healthcare network. The attack on Change Healthcare is a prime example of how a breach in one company’s network can have far-reaching consequences for the broader industry.

Cyber insurance has become an essential safeguard for healthcare organizations as cyber threats continue to grow. A comprehensive cyber insurance policy can help mitigate the financial losses associated with breaches, including the cost of legal fees, business interruption, and recovery efforts. Given the complexity and potential damage of cyberattacks, having robust cyber insurance is not just a choice—it's a critical necessity for any organization handling sensitive medical data.

At Newfront, our cyber experts have successfully guided clients impacted by the Change Healthcare ransomware attack through the claims process, ensuring favorable outcomes and minimizing disruptions. Our deep understanding of cyber risks and insurance intricacies has been critical in helping businesses recover quickly. If you’re looking to safeguard your business from cyber risks, reach out to Newfront to learn how we can tailor a cyber insurance program to your business.