66% of Healthcare Organizations have been Ransomware Victims - Learn from Change Healthcare Mistakes with AI-Powered Prevention

Jericho Security Contributor

May 6, 2024

Ransomware Attacks in Healthcare - A Growing Menace:

  • 66% of healthcare organizations have been a victim. (Source: Sophos' State of Ransomware in Healthcare 2022)
  • $1.85 million average cost of data breach(Source: IBM's 2021 Cost of a Data Breach Report)


Nearly two-thirds of healthcare organizations have fallen victim to ransomware attacks, seriously threatening their operations and sensitive data. UnitedHealth Group said on Monday that it paid ransom to cyber threat actors to protect patient data following the February cyberattack on its subsidiary Change Healthcare. The company also confirmed that files containing personal information were compromised in the breach. “Malicious threat actors conducted this attack, and we continue to work with law enforcement and multiple leading cyber security firms during our investigation,” UnitedHealth told CNBC in a statement. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure.”

This incident serves as a stark reminder of the constant threat faced by organizations in the healthcare sector and highlights the importance of robust cybersecurity measures. In this blog post, we'll discuss what could have been done to prevent this attack and how Jericho's AI-based training solutions can help strengthen an organization's defense against such threats.

Preventative Measures

UnitedHealth Group's Change Healthcare could have employed phishing simulations and training to prevent the ransomware attack in the following ways:

  • Phishing Simulations: Conducting regular phishing simulations helps employees recognize and report suspicious emails, significantly reducing the likelihood of falling for real phishing attempts.
  • Comprehensive Training: Providing comprehensive training on identifying common phishing tactics, such as spoofed sender addresses, suspicious links, or urgent requests for sensitive information, empowers employees to be vigilant against potential attacks.
  • Real-World Examples: Including real-world examples and case studies in training sessions helps employees understand the severity of phishing threats and the importance of remaining vigilant.
  • Reinforcement and Tracking: Continuously reinforcing best practices and tracking employee performance through phishing simulations helps identify improvement areas and measure the training program's effectiveness.


By investing in phishing simulations and comprehensive training, organizations can create a human firewall that complements their security infrastructure and effectively mitigates the risk of phishing-based ransomware attacks.


The Jericho Advantage

Jericho Software's AI-based training solutions are designed to empower healthcare organizations in the fight against cyber threats like ransomware. Here's how we can help:


  • Intelligent Training Platform: Our platform leverages AI to personalize training modules based on individual skill levels and learning needs, ensuring that employees receive the most relevant and impactful training
  • Simulated Attacks: Jericho can simulate real-world phishing attacks to assess employees' readiness and identify areas for improvement.
  • Real-Time Reporting: Our system provides immediate feedback and guidance, enabling employees to learn from their mistakes and reinforce positive behaviors.


The Change Healthcare ransomware attack reminds organizations to remain vigilant and proactive in their cybersecurity efforts. By implementing robust preventative measures and leveraging AI-based training solutions like Jericho Software, healthcare organizations can fortify their defenses and minimize the risk of being victims of cyberattacks.

Jericho Security Contributor

May 6, 2024

Get the latest updates

Join our newsletter