Breach taxonomy
Summary
On February 21, 2024, UnitedHealth Group identified that a suspected nation-state associated threat actor had gained access to Change Healthcare IT systems — the largest healthcare payment clearinghouse in the United States, processing approximately one-third of all US medical claims. The company immediately isolated the impacted systems from other connecting systems to contain the incident, causing widespread disruption to pharmacy transactions and healthcare payment processing across the country. The company engaged leading security experts and worked with law enforcement; all other UnitedHealth systems were stated to be operational at the time of filing.
Tagging rationale
ThreatNation State
Initial 8-K filing states a suspected nation-state associated cyber security threat actor had gained access — explicit attribution at time of filing.