Ransomware Attack on Change Healthcare Explained Through a Comprehensive Timeline

This is a detailed article about a massive data breach that occurred at Change Healthcare, a health tech giant, in 2024. The breach affected over 100 million individuals, making it one of the largest digital thefts of U.S. medical records and one of the biggest data breaches in history.

Here’s a summary of the key points:

1. Initial Breach: The breach occurred when ALPHV hackers broke into Change Healthcare using a stolen username and password of a "low-level customer support employee" that wasn’t protected with multi-factor authentication.
2. Ransom Demand: After gaining access, the hackers demanded a ransom from Change Healthcare in exchange for not releasing the stolen data.
3. Scope of the Breach: The breach affected over 100 million individuals, including patients and healthcare providers who had their medical records compromised.
4. Notification Process: Change Healthcare began notifying affected individuals through letters, but the process was slow, with some receiving notifications as recently as October 2024.
5. UnitedHealth Involvement: UnitedHealth Group, which owns Change Healthcare, was involved in the breach and was still in the "final stages" of notifying individuals affected by the data breach.
6. Lawsuit Filed: The state of Nebraska filed a lawsuit against Change Healthcare in December 2024, accusing the company of security failings that led to the massive breach.

The article highlights several key points about the breach:

• The hackers used stolen credentials to gain access to Change Healthcare’s systems.
• The breach affected over 100 million individuals, making it one of the largest data breaches in history.
• UnitedHealth Group was involved in the breach and was still notifying individuals affected by the data breach months after the initial incident.
• The state of Nebraska filed a lawsuit against Change Healthcare in December 2024, accusing the company of security failings that led to the massive breach.

Overall, this article provides a detailed account of one of the largest data breaches in history and highlights the importance of robust cybersecurity measures to prevent such incidents.