4 out of 5 of Physicians Were Impacted by February’s Cyber Attack on Change Healthcare



Healthcare Ransomware AttacksA new survey of physicians details the devastating impact of the Change Healthcare cyber attack on the healthcare sector.

In February, a cyber attack on Change Healthcare brought much of the U.S. healthcare system to a halt.

The revenue and payment cycle management provider is central to connecting payers, providers and patients within the U.S. healthcare system to ensure payments are made. 

The impacts of this attack reach far beyond that of just the loss of operations to Change Healthcare itself. United Health announced the attack will cost them $1.6 billion alone. In addition to the largest of insurers, even the smallest of physician’s offices were impacted. A survey by the American Medical Association, conducted in late March, reported the following repercussions from the February attack:

  • 80% lost revenue from unpaid claims
  • 85% had to commit additional staff time/resources to complete revenue cycle tasks
  • 78% lost revenue from claims that they have been unable to submit
  • 51% lost revenue from the inability to charge patient co-pays or remaining obligations

If those repercussions sound a little too generic, try these on for size:

  • 55% of physicians had to use personal funds to cover practice expenses
  • 44% were unable to purchase supplies
  • 31% were unable to make payroll

In other words, this attack hurt a lot of businesses – big and small.

And while the initial attack vector hasn’t been made public, the magnitude of such an attack demands that organizations take note of the three possible mays attacks like these start – via vulnerability, externally-accessible remote access or phishing.

All three attack vectors need to be top of mind for cybersecurity teams that should be looking for ways to minimize the risk each one poses.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.




Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews