Groups Warn Health Sector of Change Healthcare Cyber Fallout

Some Researchers Confident ConnectWise ScreenConnect Flaw Was Exploited in Attack
February 26, 2024 Marianne Kolbasuk McGee
Health-ISAC issued an advisory urging healthcare sector entities to closely monitor potential impact from the recent attack on Change Healthcare. (Image: H-ISAC)
Industry groups, including the Health Information Sharing and Analysis Center and the American Hospital Association, are urging their members to take precautions in the wake of a cyberattack last week on Change Healthcare, a unit of Optum.
“As the incident is still under investigation, it is not possible to confirm the attack details,” Health-ISAC said. “Regardless of what happened at Change Healthcare, RedSense anticipates more organizations will be compromised as the ScreenConnect exploit is apparently fairly trivial to execute.”
Health-ISAC already has received reports of widespread exploitation of the ScreenConnect vulnerabilities, its chief security officer, Errol Weiss, told ISMG on Monday. “We’re urging all organizations, regardless of what sector they are in, that if they are using ScreenConnect, they should immediately follow the ConnectWise advisory.”
Read the full article in Healthcare InfoSecurity here:
- Related Resources & News
- Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
- New Cybersecurity Policies Could Protect Patient Health Data
- CyberWire Podcast: PHP flaw sparks global attack wave
- Health-ISAC Hacking Healthcare 3-14-2025
- HSCC Aiming to Identify Healthcare Workflow Chokepoints
- New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
- Are Efforts to Help Secure Rural Hospitals Doing Any Good?
- CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
- 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
- Cobalt Strike takedown effort cuts cracked versions by 80%