Change Healthcare Ransomware Attack May Cost Nearly $2.5 Billion



Healthcare Ransomware AttacksThe ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously estimated, Cybersecurity Dive reports. The incident has already cost the firm nearly $2 billion.

The attack occurred in February after a ransomware group gained access to Change Healthcare’s systems. The criminals used stolen credentials to log in to a Citrix portal that did not have multi-factor authentication enabled. They then stole a great deal of healthcare information belonging to customers before triggering the ransomware. The full scope of the data breach isn’t yet known, but UnitedHealth Group’s CEO told Congress it may affect “a substantial proportion of people in America.”

The attack caused weeks-long disruptions at tens of thousands of pharmacies across the United States, which relied on Change Healthcare to process prescription payments. The incident is considered one of the most serious cyber attacks ever to hit the healthcare industry.

UnitedHealth Group's President and CFO John F. Rex said in an earnings call earlier this week, "Of the total in the quarter, $0.64 per share were direct costs incurred in restoring the clearinghouse platform and other response efforts. These included higher medical expenses directly stemming from the temporary pause of some care management activities....The other component affecting our results relates to disruption of the ongoing Change Healthcare business. This largely encompasses the loss of revenues, combined with the cost of keeping these capabilities fully ready to serve.”

The incident highlights the wide-reaching and costly ramifications of failing to follow security protocols. New-school security awareness training can give your organization an essential layer of defense by teaching your employees to follow security best practices.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Cybersecurity Dive has the story.


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews