On February 21, 2024, the Russian ransomware group ALPHV, known as “BlackCat,” launched an attack on Change Healthcare, which is part of Optum and is a subsidiary of UnitedHealth Group. While not well-known to patients, Change Healthcare is crucial for medical providers in the U.S., managing private health information for roughly one in three individuals. The company, is now facing a lawsuit along with its parent companies.
This ransomware attack crippled Change Healthcare’s nationwide billing and information systems. The hackers demanded a ransom to restore access. This attack rendered healthcare providers and pharmacies unable to process insurance claims, significantly disrupting their operations and finances for weeks or even months, with ongoing repercussions throughout the industry.
PW partner Melissa Weiner was appointed Co-Chair of the Plaintiff Steering Committee in this nationwide data breach multi-district litigation. Plaintiffs allege a ransomware group breached Change Healthcare’s servers and obtained 6 terabytes of crucial confidential and highly sensitive data. This breach led to network disruptions that have affected millions of patients and healthcare providers nationwide. Plaintiffs have alleged the repercussions of this data breach have already caused and will continue to cause significant disruptions in the healthcare sector for patients and providers.
The matter is In Re: Change Healthcare, Inc. Customer Data Security Breach Litigation and is currently pending in the District of Minnesota, Case No. 0:24-md-03108-DWF-DJF.