Healthcare Dive: The aftermath of Change: Two experts on how healthcare organizations can prevent the next cyberattack
Following the detrimental cyberattack that impacted UnitedHealth-owned Change Healthcare and trickled down throughout the whole industry, Healthcare Dive recently conducted a Q&A with NetSPI’s Managing Director, Phil Morris. The piece discusses how healthcare organizations can recover from cyberattacks and what they must do to protect themselves going forward. Read the preview below or view it online.
+++
In February, a massive cyberattack at UnitedHealth-owned Change Healthcare shut down many of the financial operations of healthcare organizations.
The industry is still recovering. Providers have had difficulty receiving payments, verifying coverage and sending prior authorization requests. The CMS has released guidance on payment flexibilities to provide assistance to providers affected by the Change outage.
The attack impacted Change’s claims clearinghouses as well as its pharmacy network. In a recent earnings call, UnitedHealth executives said that, although most of Change’s operations have been resumed, the company shouldn’t expect to get back to “expected service levels” until 2025.
Healthcare Dive spoke with two cyber experts — Phil Morris and Chad Peterson, both managing directors at cybersecurity firm NetSPI — about how healthcare organizations can recover from the attack and what they need to do to protect themselves going forward.
You can read the full article at https://www.healthcaredive.com/news/change-healthcare-cyberattack-aftermath-cybersecurity-netspi/713617/
Authors:
Explore More News
NetSPI Expands Suite of AI-Powered Continuous Pentesting Services as Organizational Attack Surfaces Grow
NetSPI expands suite of Human-Led, AI-Powered Continuous Pentesting Services, including a first-of-its-kind AI Findings Validation service, as well as continuous testing for web applications and internal networks.
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.