Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    The GOP’s big spending bill could kill renewable energy projects

    July 1, 2025

    A Dedicated Hot Dog Cooker Is the Spirit of American Summer

    July 1, 2025

    Nothing Headphone 1 review: head-turning

    July 1, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
    Security

    Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout

    News RoomBy News RoomJune 15, 20244 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    In fact, ransomware attacks on health care targets were on the rise even before the Change Healthcare attack, which crippled the United Healthcare subsidiary’s ability to process insurance payments on behalf of its health care provider clients starting in February of this year. Recorded Future’s Liska points out that every month of 2024 has seen more health care ransomware attacks than the same month in any previous year that he’s tracked. (While this May’s 32 health care attacks is lower than May 2023’s 33, Liska says he expects the more recent number to rise as other incidents continue to come to light.)

    Yet Liska still points to the April spike visible in Recorded Future’s data in particular as a likely follow-on effect of Change’s debacle—not only the outsize ransom that Change paid to AlphV, but also the highly visible disruption that the attack caused. “Because these attacks are so impactful, other ransomware groups see an opportunity,” Liska says. He also notes that health care ransomware attacks have continued to grow even compared to overall ransomware incidents, which stayed relatively flat or fell overall: The first four months of this year, for instance, saw 1,153 incidents compared to 1,179 in the same period of 2023.

    When WIRED reached out to United Healthcare for comment, a spokesperson for the company pointed to the overall rise in health care ransomware attacks beginning in 2022, suggesting that the overall trend predated Change’s incident. The spokesperson also quoted from testimony United Healthcare CEO Andrew Witty gave in a congressional hearing about the Change Healthcare ransomware attack last month. “As we have addressed the many challenges in responding to this attack, including dealing with the demand for ransom, I have been guided by the overriding priority to do everything possible to protect peoples’ personal health information,” Witty told the hearing. “As chief executive officer, the decision to pay a ransom was mine. This was one of the hardest decisions I’ve ever had to make. And I wouldn’t wish it on anyone.”

    Change Healthcare’s deeply messy ransomware situation was complicated further—and made even more attention-grabbing for the ransomware hacker underworld—by the fact that AlphV appears to have taken Change’s $22 million extortion fee and jilted its hacker partners, disappearing without giving those affiliates their cut of the profits. That led to a highly unusual situation where the affiliates then offered the data to a different group, RansomHub, which demanded a second ransom from Change while threatening to leak the data on its dark web site.

    That second extortion threat later inexplicably disappeared from RansomHub’s site. United Healthcare has declined to answer WIRED’s questions about that second incident or to answer whether it paid a second ransom.

    Many ransomware hackers nonetheless widely believe that Change Healthcare actually paid two ransoms, says Jon DiMaggio, a security researcher with cybersecurity firm Analyst1 who frequently talks to members of ransomware gangs to gather intelligence. “Everyone was talking about the double ransom,” DiMaggio says. “If the people I’m talking to are excited about this, it’s not a leap to think that other hackers are as well.”

    The noise that situation created, as well as the scale of disruption to health care providers from Change Healthcare’s downtime and its hefty ransom, served as the perfect advertisement for the lucrative potential of hacking fragile, high-stakes health care victims, DiMaggio says. “Health care has always had so much to lose, it’s just something the adversary has realized now because of Change,” he says. “They just had so much leverage.”

    As those attacks snowball—and some health care victims have likely forked over their own ransoms to control the damage to their life-saving systems—the attacks aren’t likely to stop. “It’s always looked like an easy target,” DiMaggio notes. “Now it looks like an easy target that’s willing to pay.”

    Updated 6/12/24 9:35am ET: This story has been updated to reflect that ransomware incident totals comprise the fist four months of the year, not just April.

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleThe World’s Largest Fungus Collection May Unlock the Mysteries of Carbon Capture
    Next Article Apple announced RCS with a whimper when it should have been a bang

    Related Posts

    Telegram Purged Chinese Crypto Scam Markets—Then Watched as They Rebuilt

    June 30, 2025

    Taiwan Is Rushing to Make Its Own Drones Before It’s Too Late

    June 28, 2025

    What Satellite Images Reveal About the US Bombing of Iran’s Nuclear Sites

    June 27, 2025

    Here’s What Federal Troops Can (and Can’t) Do While Deployed in LA

    June 25, 2025

    Truth Social Crashes as Trump Live-Posts Iran Bombing

    June 25, 2025

    ‘No Kings’ Protests, Citizen-Run ICE Trackers Trigger Intelligence Warnings

    June 23, 2025
    Our Picks

    A Dedicated Hot Dog Cooker Is the Spirit of American Summer

    July 1, 2025

    Nothing Headphone 1 review: head-turning

    July 1, 2025

    The MLS Season Pass is 50 percent off ahead of the All-Star game and Leagues Cup 

    July 1, 2025

    Senator Blackburn Pulls Support for AI Moratorium in Trump’s ‘Big Beautiful Bill’ Amid Backlash

    July 1, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    Laptop Mag is shutting down

    By News RoomJuly 1, 2025

    Laptop Mag is shutting down after nearly 35 years of providing consumers with in-depth information…

    How to Make AI Faster and Smarter—With a Little Help From Physics

    July 1, 2025

    Xiaomi’s YU7 Is an SUV-Sized Middle Finger to Tesla’s Model Y

    July 1, 2025

    Apple accuses former Vision Pro engineer of stealing trade secrets

    July 1, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.