On February 21, 2024, a cybercriminal group known as Blackcat broke into Change Healthcare’s systems and stole sensitive personal data, including:
Social Security numbers
Medical and insurance records
The hackers demanded a $22 million ransom, according to NPR. The attack led Change Healthcare to shut down systems used by doctors, hospitals, pharmacies, and insurers.
The Change Healthcare data breach is the “most serious incident of its kind leveled against a U.S. healthcare organization.
Rick Pollack, President & CEO of the American Hospital Association (“AHA”)
Change Healthcare, a division of UnitedHealth Group, is the largest healthcare payment processor in North America, handling about 15 billion transactions each year and one in three patient records. The attack affected patients, hospital systems, physicians, clinical social workers, and private and government-owned pharmacies.
Medical providers said they were:
Unable to pay employees or bills
Unable to check patient eligibility for treatment or verify insurance coverage
Unable to receive reimbursement for services provided
Facing major cash flow issues and revenue loss
A March 15, 2024 survey by the American Hospital Association found that 94% of hospitals experienced financial impact following the attack, with 60% losing $1 million or more per day.
It’s been one of the most stressful things we’ve gone through as a practice, and that’s saying something given that we survived COVID […] To find ourselves suddenly, you know, looking at our home and its value, and can we afford to put it up to pay our employees, is a terrible feeling.
Christine Meyer, Pennsylvania doctor, via CBS News
Dr. Purvi Parikh, an allergist and immunologist in New York City, told CNBC that her practice hadn’t been able to receive reimbursement from insurers for patient visits, which made it difficult to pay for operational expenses, calling the situation a “mess,” and “big stressor.”
Take Action
Affected by the Change Healthcare Cyberattack?
Here’s What Healthcare Providers can do.
Medical providers who have been harmed by the cyberattack should contact an attorney for a free and confidential consultation to learn more about their rights and options.
Experts In Data Breach Class Actions: Our Class Action Lawyers
Gibbs Mura partner Rosemary Rivas was quoted by Axios in an article about the harm that the Change Healthcare cyberattack had on patients, and our firm’s work to fight on their behalf. For over two decades, Ms. Rivas has represented consumers and businesses harmed by companies for negligence and other wrongful conduct. She regularly speaks on matters relating to complex litigation and has been repeatedly recognized for her work on behalf of her clients.
Gibbs Mura partner David Berger has represented consumers in some of the largest and most influential privacy and data breach cases in the country and has repeatedly obtained record-setting settlements. He frequently speaks at conferences on data breach cases and other class action topics. David is a former Chair of the American Association for Justice’s Consumer Privacy and Data Breach Litigation Group.
About Us
Gibbs Mura is a California-based law firm committed to protecting the rights of clients nationwide who have been harmed by corporate misconduct. We represent individuals, whistleblowers, employees, and small businesses across the U.S. against the world’s largest corporations. Our award-winning lawyers have achieved landmark recoveries and billions of dollars for our clients in high-stakes class action and individual cases involving consumer protection, data breach, digital privacy, and federal and California employment lawsuits. Our attorneys have received numerous honors for their work, including “Top Plaintiff Lawyers in California,” “Top Class Action Attorneys Under 40,” “Consumer Protection MVP,” “Best Lawyers in America,” and “Top Cybersecurity/ Privacy Attorneys Under 40.”
