A devastating healthcare cyberattack hit Change Healthcare on Feb. 21, 2024. By forcing the $13 billion company offline, the cyber criminals cut one of the few connections between healthcare providers and payers, triggering a cash crunch at medical groups, health clinics, hospitals, and pharmacies.
This cyberattack left many healthcare providers struggling for cash and facing serious consequences. Even now, a second ransomware hacker is attempting to extort Change Healthcare based on the data exfiltrated during the initial attack. The breach also brought to light the vulnerable nature of the industry’s infrastructure. As one of the largest health information exchange platforms in the U.S., Change Healthcare’s ransomware attack disabled providers’ ability to access the data and systems used to process prescriptions, claims, and payments creating a trickledown effect that significantly impacted all parties.
As entities that process and store vast amounts of valuable data, including personally identifiable information (PII) and other health information that can be used for insurance and identity fraud, healthcare organizations are increasingly targeted. The data is not only highly valuable, but it is necessary to provide services to patients. These two factors combined make ransomware attacks one of the biggest threats to healthcare organizations.
Below are some cybersecurity strategies your organization’s leaders can use to mitigate risks against cyberattacks and safeguard your digital assets and patient data.
Safeguard your digital landscape
The Change Healthcare breach highlights how one key failure can cause massive disruption. Improve your organization’s cybersecurity strategy, recovery plans, and continuity capabilities by incorporating the following activities.
Review cybersecurity insurance
Cybersecurity insurance or a captive insurance group can provide coverage for a wide range of cybersecurity incidents. Reviewing your policy to clarify terms and covered incidents, such as cyberattacks that occur with a vendor or a vendor’s vendor, can bolster your overall security plan.



