Wyoming

Change Healthcare is one of Wyoming's most prominent healthcare systems. The institution, a subsidiary of UnitedHealth Group, processes payments between providers and insurance corporations. It experienced a data breach in February 2024 that impacted the transmission of electronic attachments and claims. The hackers who implemented the breach refer to themselves as 'BlackCat'. They demanded $22 million from Change Healthcare to restore its data. Change Healthcare's personnel disconnected all compromised computer systems upon discovering the breach. The institution also paid the ransom before engaging federal officials to review patient privacy regulations and investigate the breach. Change Healthcare notified providers and patients about the breach after discovering it. Change Healthcare successfully isolated its compromised files and has engaged cybersecurity experts to prevent similar infiltrations in the future. The investigation into BlackCat's infiltration of the institution's IT network is still ongoing.

In November 2023, the City of Rawlins experienced a data breach. The Wyoming Division of Criminal Investigation informed the City of Rawlins about a potential cyber breach of its computer servers. Though an unidentified hacker infiltrated the city's computer servers, no city services were interrupted. That is because the breach was swiftly discovered by local, state, and federal agencies, and any attempts to disrupt services were thwarted. The City of Rawlins' personnel notified their employees about the data breach and encouraged them to take steps to prevent such infiltrations in the future. The Cybersecurity and Infrastructure Security Agency gave guidance and linked the City of Rawlins with the Multi-State Information and Analysis Center, which assists cyberattack victims.

On June 22, 2021, the Eastern Wyoming College suffered a data breach. The College's email, phone, and computer systems were disabled for 24 hours. The College's administrators engaged state cybersecurity professionals, Department of Homeland Security personnel, and law enforcement officials to investigate the cybersecurity attack and reinstate its network. The Eastern Wyoming College restored its computer network within days after the attack. Due to the data breach, the College recommended that its students alter their usernames and passwords to safeguard their personal information.

In 2020, the Wyoming Department of Health experienced a data breach that compromised the personal data of more than 165,000 Wyoming residents. On March 10, 2020, the Department discovered that an employee had inappropriately handled sensitive patient data, causing the unintentional exposure of more than 50 files containing COVID-19 test results. The employee mistakenly uploaded these files to public online storage repositories through GitHub servers. That made the data available to GitHub users who were not authorized to view it. The Wyoming Department of Health began to inform affected individuals about the data breach a few days after discovering it. The Department also advertised on its website that all persons who took COVID-19 tests between January and March 2020 should call its offices through a designated number to determine if their data was compromised. The Wyoming Department of Health has since hired independent cybersecurity specialists to improve the security measures applied to safeguard its network.

In 2019, Wyoming's Cheyenne Regional Medical Center suffered a data breach. The health institution's payroll software was infiltrated by hackers using a phishing ransomware attack. That caused an outage that forced multiple departments at Cheyenne Regional Medical Center to manually input information so that their workers received their salaries on time. Some workers were underpaid, while others were overpaid. The data breach affected more than 2000 workers. The institution's executives swiftly moved to correct the problem, with underpaid workers being given their full salaries while overpaid workers were offered multiple payback options. The hackers compromised sensitive information such as the Cheyenne Regional employees' driver's license numbers, financial account information, and Social Security numbers. The institution hired independent cybersecurity specialists to investigate the data breach and safeguard its network. It also offered affected employees credit monitoring services for a limited period.