A Cyberattack on the Largest Health Insurer in the U.S. Could Put Your Prescriptions and Personal Data at Risk The issue was detected last Wednesday and has caused disruptions for the past week.

By Amanda Breen

Key Takeaways

  • Data breaches in the U.S. are at an all-time high.
  • The cyberattack targeted Change Healthcare, a division of United's Optum.
  • Change Healthcare is responsible for roughly 15 billion transactions a year.

A possible ransomware attack on a unit associated with UnitedHealthcare — the largest insurer in the U.S. — has upset drug prescription orders at thousands of pharmacies for the past week.

The cyberattack, detected February 21, targeted Change Healthcare, a division of United's Optum; two senior federal law enforcement officials said it looked like a foreign country had undertaken the attack, The New York Times reported.

Related: The Jaw-Dropping Range of Cybercrimes is Due to the Gap in the Cybersecurity Workforce

Change, which was acquired by UnitedHealth Group for $13 billion in 2022, is responsible for roughly 15 billion transactions a year, spanning U.S. patient records and prescriptions across dental, clinical, and other medical areas. It serves as a "digital intermediary" for pharmacies that need to confirm a patient's coverage, per the outlet.

Data breaches in the U.S. are at an all-time high, according to a report from Apple: In the first nine months of 2023, data breaches nationwide increased by almost 20% compared to all of 2022.

"This [UnitedHealthcare] incident serves as yet another reminder of the interconnectedness of the domestic healthcare ecosystem and of the urgency of strengthening cybersecurity resiliency across the ecosystem," Jeff Nesbit, a spokesman for the U.S. Department of Health and Human Services, told the Times.

Change said in a statement Monday that it had "worked closely with customers and clients to ensure people have access to the medications and the care they need" and that many pharmacies were able to keep filling prescriptions despite the challenge.

Related: 3 Reasons to Increase Your Cybersecurity Protocols in 2024

It remains to be seen if patient information was breached; if it was, federal law requires "vendors of personal health records and related entities" to inform those affected.

Amanda Breen

Entrepreneur Staff

Senior Features Writer

Amanda Breen is a senior features writer at Entrepreneur.com. She is a graduate of Barnard College and received an MFA in writing at Columbia University, where she was a news fellow for the School of the Arts.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Buying / Investing in Business

Former Zillow Execs Target $1.3T Market

Co-ownership is creating big opportunities for entrepreneurs.

Living

The 5-Hour Rule Used by Bill Gates, Jack Ma and Elon Musk

The most successful people on the planet are also the people most likely to devote an hour a day to reading and learning.

Business News

Meta Says It Has Fired 20 Employees For Leaking Information: 'We Expect There Will Be More'

Meta has a strict no-leaks policy, but internal memos and meeting recordings have still made their way outside the company.

Side Hustle

I've Made Hundreds of Thousands of Dollars With a Fun Side Hustle — And You Might Have Seen Me Doing It on TV

Phil Schraeder, CEO at GumGum Advertising, turned a childhood passion into a lucrative side gig.

Business Ideas

70 Small Business Ideas to Start in 2025

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2025.

Business News

MrBeast's Holding Company Could Be Worth $5 Billion After Its Latest Fundraising Round

The YouTube creator is reportedly in talks to raise funds for a holding company for his various businesses, including his snack brand, Lunchly.