NCANCA-Insides: Lessons from the hacks in the healthcare sector

Sicherheit (Pexels, allgemeine Nutzung)[German]Weeks ago, there were serious cyberattacks on Change Healthcare, a payment service provider of the UnitedHealth Group, which paralyzed the supply of medicines in the USA due to payments no longer being made. In this context, I received a document with NCA insigts a few weeks ago, which raised the question of what lessons can be learned from the hacks in the healthcare sector. In my opinion, this also applies to IT in the German healthcare sector.


Cyber attacks on Change Healthcare

Change Healthcare is a provider of revenue and payment processing management for the US healthcare system. The provider handles virtually all payments between payers, healthcare providers and patients within the US.

First cyberattack

The company was the victim of its first cyberattack on February 21, 2024, by the ALPHV/Blackcat ransomware group (see the German article Nachlese Datenlecks und Hacks der Woche (23. Feb. 2024)). As a result of this attack, their IT systems went down, preventing the payment of benefits to doctors. As a result of the attack, electronic payments and medical claims could not be processed by UnitedHealth Group. As a result, there were widespread disruptions throughout the USA.

Second cyber attack

In the German blog post Sicherheitsvorfälle März/April 2024 (Stand 9.4.2024), I revealed that Change Healthcare had fallen victim to a second ransomware group, RansomHub. This incident resulted in the loss of 4 TByte of data. I reported on these cases and the consequences in the article Desaster Cyberangriff auf Change Healthcare der UnitedHealth Group.

What lessons can be learned?

According to the National Cybersecurity Alliance (NCA), the cyberattack on UnitedHealth Group and Change Healthcare highlights the importance of robust cybersecurity measures in the healthcare sector.

Companies need to improve security

First, healthcare organizations must conduct comprehensive risk assessments and implement strict security protocols to protect sensitive patient data. This includes regular security audits, staff training on cybersecurity best practices, encryption of data at rest and in transit, and proactive monitoring of suspicious activity.


In addition, investing in cutting-edge cybersecurity technologies and partnering with reputable cybersecurity companies can strengthen defenses against evolving cyber threats.

Government regulation required

For the NCA, the incident underscores the vital role of government oversight and regulation in protecting health data. Government agencies, such as the Department of Health and Human Services' Office for Civil Rights, play an important role in enforcing compliance with privacy laws, such as the Health Insurance Portability and Accountability Act (HIPAA).

Through rigorous investigations and enforcement actions, regulators can hold healthcare organizations accountable for privacy lapses and ensure a rapid response to cyber incidents.

In addition, collaboration between government agencies, law enforcement, and private sector stakeholders is essential to improve threat intelligence sharing and coordinate responses to cyber threats, ultimately strengthening the resilience of the healthcare industry against future cyber attacks.

Involving consumers and patients

In light of the recent cyber-attack on UnitedHealth Group and Change Healthcare, consumers and patients also have a critical role to play in protecting their personal health data.

  • An important step is to ensure that sensitive data is only shared with trusted healthcare providers and facilities, both online and offline.
  • Patients should inquire about the security measures put in place by their healthcare providers, including encryption protocols and data breach response plans.
  • They should also regularly review their medical bills and insurance statements for discrepancies or unauthorized billing that could indicate fraudulent activity.
  • In addition, strong, unique passwords for healthcare portals and enabling multifactor authentication can provide an additional layer of security for personal health data.

By staying informed, vigilant and proactive, patients and consumers can help protect their own healthcare data and mitigate the risks posed by cyber threats to healthcare.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *