TLDR:
- State-sponsored threat actor blamed for cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group.
- Attack resulted in a nationwide prescription processing outage affecting over 100 applications.
UnitedHealth Group has identified a state-sponsored threat actor as the culprit behind a cyberattack on its subsidiary, Change Healthcare. The attack, which occurred on February 21, prompted Change Healthcare to shut down its systems, leading to a nationwide prescription processing outage. More than 100 applications across various services were affected. UnitedHealth Group reported that the threat actor was associated with a nation-state and gained access to specific systems of Change Healthcare, which were immediately isolated. The company emphasized that only Change systems were impacted and stated that it does not expect the incident to have a significant financial impact. However, as of February 25, Change Healthcare has not fully restored the affected systems, prioritizing careful restoration to prevent any further risks. Given that Change Healthcare processes billions of healthcare transactions annually and has access to medical records of a sizable portion of US patients, the implications of this cyberattack could be far-reaching.