Gibbs Law Group LLP

Change Healthcare Cyberattack Class Action Lawsuit (2024)

At a glance

  • How has the Change Healthcare cyberattack affected patients and providers?

    Healthcare providers nationwide have been disrupted, costing some providers millions, and forcing patients to pay out-of-pocket for prescriptions

  • What is the goal of this lawsuit?

    Gibbs Law Group seeks money back for providers who are unable to pay bills, as well as patients who are forced to pay out-of-pocket for medications.

Healthcare provider or consumer harmed by Change Healthcare cyberattack?


A depressed, overwhelmed woman sits at the pharmacy counter. There is a pill bottle labelled "anti-depressants" in the pharmacist's hand.

The Change Healthcare data breach is the “most serious incident of its kind leveled against a U.S. healthcare organization.” 

– Rick Pollack, President & CEO of the American Hospital Association (“AHA”) 

Gibbs Law Group files class action lawsuit for medical providers harmed by Change Healthcare cyberattack

On March 18, 2024, Gibbs Law Group filed a class action lawsuit for providers against Change Healthcare Inc. following a massive data breach impacting the single largest healthcare payment processor in North America.

The cyberattack has crippled the U.S. healthcare system, negatively impacting patients, hospital systems, physicians, clinical social workers, and private and government-owned pharmacies. Medical providers say they are: 

  • Unable to pay their employees or bills 
  • Unable to check patient eligibility for treatment 
  • Unable to verify insurance coverage for patient treatment 
  • Unable to receive reimbursement for their rendered services 
  • Experiencing major cashflow issues and revenue loss 

According to a March 15, 2024 AHA survey, 94% of hospitals are experiencing a financial impact following the attack, with 60% of responding hospitals reporting $1 million per day or more in lost revenue. Pennsylvania doctor Christine Meyer told CBS News: 

“It’s been one of the most stressful things we’ve gone through as a practice, and that’s saying something given that we survived COVID[…]To find ourselves suddenly, you know, looking at our home and its value, and can we afford to put it up to pay our employees, is a terrible feeling.” 

Dr. Purvi Parikh, an allergist and immunologist in New York City, told CNBC that her practice hasn’t been able to receive reimbursement from insurers for patient visits which has makes it difficult to pay for operational expenses, calling the situation a “mess,” and “big stressor.”  

 

Contact our Legal Team

loading...

Gibbs Law Group files class action complaint against Change Healthcare on behalf of consumers

On March 12, 2024, Gibbs Law Group filed a class action lawsuit against Change Healthcare Inc. following the massive data breach. This lawsuit, filed on behalf of consumers, charges Change Healthcare with failing to take reasonable security measure to protect the personal health information of millions of Americans.

February 21, 2024 Change Healthcare cyber attack: patients stranded with out-of-pocket costs

Change Healthcare, a division of UnitedHealth Group, is the largest payment processor in North America and handles 15 billion transactions each year that touch 1 in every 3 patient records, according to the AHA and its website.  

United HealthGroup acknowledged in an SEC filing that on February 21, 2024, it identified a “cybersecurity threat” that gained access to some of its IT systems. As a result, Change Healthcare disabled critical systems used by doctors, hospitals, and pharmacies, and insurers to pay for and deliver care to their patients. The shutdown has left many patients stranded without their medicine or unexpectedly forced to pay for expensive medications out of pocket. The American Hospital Association has said that the nationwide impact of the breach “could be massive.”  

The lawsuit states that cybercriminal group Blackcat infiltrated Change Healthcare’s technology networks and stole personal identifying information like Social Security numbers, medical and insurance records, and more. Blackcat then demanded a $22 million ransom, reports NPR, highlighting huge vulnerabilities in Change and UnitedHealth Group’s systems.

What options do I have as a healthcare provider harmed by the Change healthcare cyberattack?

Optum, which merged with Change Healthcare in 2022, announced on its website that it has started offering a Temporary Funding Assistance Program to help with short-term cash flow needs for providers impacted by the disruption of Change Healthcare’s services.” However, many providers say the program is not sufficient to cover their financial and emotional losses. Medical providers who have been harmed by the cyberattack should contact an attorney for a free and confidential consultation to learn more about their rights and options.  

medication strewn on a surface next to a dollar bill.

Our class action lawyers’ leadership in data breach litigation

Gibbs Law Group partner Rosemary Rivas was recently quoted by Axios in an article on the harm that the Change Healthcare cyber attack has had on patients, and our firm’s work to fight on their behalf.

Gibbs Law Group partner David Berger has represented consumers in some of the largest and most influential privacy and data breach cases in the country and has repeatedly obtained record-setting settlements.  He frequently speaks at conferences on data breach cases and other class action topics. David is a former Chair of the American Association for Justice’s Consumer Privacy and Data Breach Litigation Group. 

About Gibbs Law Group

Gibbs Law Group is a nationwide leader in class action lawsuits seeking to holding companies accountable for large-scale data breaches.  It has prosecuted some of the largest privacy cases throughout the country, and the firm’s attorneys have received numerous awards for their privacy and data breach work including “Cybersecurity & Privacy MVP,” “Top Cybersecurity and Privacy Attorneys Under 40,” and “Titans of the Plaintiffs Bar.”

The firm achieved a historic $1.5 billion settlement from Equifax in 2019, on behalf of 147 million consumers whose social security numbers and other private data were exposed in a breach.  Described by the court as “the largest and most comprehensive recovery in a data breach in U.S. history by several orders of magnitude,” the settlement also required Equifax to spend over $1 billion in data security technology and to make comprehensive security reforms.  Previously, the firm negotiated a $115 million settlement in the Anthem data breach, the largest data breach settlement at the time, after approximately 80 million personal records were compromised in a massive data breach of health insurance giant.

california lawyer attorney of the year CLAY award
titan of plaintiffs bar award
best law firm ranking
chambers USA leading firms award
daily journal top plaintiff lawyers award

Lawyers for the healthcare data cyberattack:

Rosemary Rivas

Rosemary is devoted to obtaining justice for consumers in lawsuits involving claims of false advertising, defective products, and privacy violations.

View full profile

David Berger

David represents consumers in data breach, privacy, and financial services litigation. He has prosecuted some of the largest privacy cases nationwide.

View full profile

Eric Gibbs

A founding partner at the firm, Eric has negotiated groundbreaking settlements that favorably shaped laws and resulted in business practice reforms.

View full profile

Rosanne Mah

Rosanne represents consumers in complex class action cases involving deceptive or misleading practices, false advertising, and data/privacy issues.

View full profile