In February 2024, the healthcare industry faced a wake-up call that continues to echo through every hospital, clinic, and billing office in the country.
Change Healthcare, founded in 2005 and later merged with Optum (a subsidiary of UnitedHealth Group) in 2022, has become one of the largest healthcare technology companies in the U.S. It plays a critical role in the ecosystem—processing claims, managing revenue cycles, and enabling pharmacy transactions for thousands of providers and payers nationwide.
That made it an ideal target.
In early 2024, the company was hit by a ransomware attack launched by the cybercriminal group BlackCat/ALPHV. The breach compromised over 190 million patient records, making it the largest healthcare data breach in U.S. history.
But it wasn’t just about stolen data.
The attack crippled pharmacy transactions, paused billing systems, and delayed insurance claims for weeks. It effectively disrupted the flow of care across the U.S. healthcare system. Change Healthcare reportedly paid a $22 million ransom in an attempt to regain operational control.
BlackCat, also known as ALPHV, is a ransomware-as-a-service (RaaS) group known for targeting high-value sectors like healthcare, finance, and government. Following the Change Healthcare breach, a second group called RansomHub claimed to possess the stolen data and attempted further extortion.
This wasn’t just a breach—it was a systemic breakdown. When healthcare systems go offline, it’s not just about lost revenue. It’s about missed prescriptions, delayed treatments, and broken trust.
It’s a harsh reminder:
“Cybersecurity is patient safety."
If you’re in healthcare—directly or indirectly—this is your signal to act. At Ferrum, we help organizations:
Stay HIPAA compliant
Identify and close cybersecurity gaps
Strengthen ransomware response plans
Protect critical patient data