Two independent medical practices in Minnesota once hoped to expand operations but have spent the past year struggling to recover from the cyberattack on a vast UnitedHealth Group payment system.

Odom Health & Wellness, a sports medicine and rehabilitation outfit, and the Dillman Clinic & Lab, a family medicine practice, are among the thousands of medical offices that experienced sudden financial turmoil last year. The cyberattack against Change Healthcare, a division of United, paralyzed much of the nation’s health-care payment system for months.

Change lent billions of dollars to medical practices that were short on cash but has begun demanding repayments.

Dillman and Odom are suing United in U.S. District Court in Minneapolis, accusing the corporation of negligence related to the cyberattack and claiming they sustained excessive expenses because of the attack’s fallout.

In addition, Odom and Dillman asserted in court filings that the company’s insurance arm, UnitedHealthcare, has in turn been denying claims to cover patient care for being submitted late.

Lawmakers viewed the chaos caused by the cyberattack as a result of United’s seemingly insatiable desire to buy up companies like Change, alongside doctors’ practices and pharmacy businesses. The widespread disruption was a reminder of how deeply United’s sprawling subsidiaries had become embedded in the nation’s health care system.

“This is yet another sign that the rapid consolidation of major health care companies has harmed, rather than helped, American patients and doctors,” Senator Ron Wyden, Democrat of Oregon, said of the financial bind that the cyberattack had placed on practices.

Last month, the American Medical Association sent a letter to Optum, the UnitedHealth division that owns Change, saying that it was concerned that many practices were being pressured to repay loans despite continued financial difficulties from the cyberattack.

Since March 2024, Change had provided $9 billion in interest-free loans to more than 10,000 medical providers, including $569,680 to Odom and $157,600 to Dillman.

A year later, roughly $5.5 billion had been repaid, United said in court filings. About 3,500 practices, including Odom, Dillman and six other plaintiffs in the lawsuits, had made no repayments as of April 1. Several other practices and patients have also filed suits against United.

In a statement, Change said it would “continue to actively work with providers to identify flexible repayment plans based on the individual circumstances of providers and their practices.”

It added, “We have also worked with UnitedHealthcare to ensure the claims it receives are reviewed in light of the challenges providers experienced, including waiving timely filing requirements for the plans under its control.”

Change compared its efforts to recoup loans to those by the Centers for Medicare and Medicaid Services. After the cyberattack, C.M.S. provided accelerated payments to practices to cover Medicare billings delayed by the cyberattack. It has since garnished Medicare claims to recoup the funds.

In court filings, United cited data showing that only a small percentage of Odom’s and Dillman’s health care claims were rejected for being “untimely,” although those denials increased after the cyberattack.

Calling the plaintiffs’ motions a “collective shakedown,” UnitedHealth has also requested that the district court reject their request for an injunction against repayment of loans, arguing that they did not have the right to interfere in its business with thousands of other loan recipients.

An injunction, United argued, could be used by other medical practices to “hold hostage billions of dollars.”

Dr. Megan Dillman, who specializes in pediatrics and internal medicine, said she had opened her Lakeville, Minn., practice in 2022 to “bring the joy back to medicine.” She said she spent far more time with patients than the spartan 15 minutes that corporate health care operations have increasingly required of their doctors.

“I have some patients where I don’t think they would be here today if we didn’t exist,” Dr. Dillman said, citing cancers she had detected that had been missed by more hurried doctors.

Her husband, Richard Dillman, runs the business side of the practice. He called United’s repayment demands “a kick in the teeth.”

“I’d rather go through the Special Forces qualification course back to back — to back to back — than ever do this again,” said Mr. Dillman, a former Green Beret.

At the time of the cyberattack, Change’s medical-billing clearinghouse processed about 45 percent of the nation’s health care transactions, or about $2 trillion annually. The company had to take its services offline in February 2024 to contain damage from the attack, halting much of the health care system’s cash flow and unleashing chaos.

The associated breach of private information was the largest reported in U.S. health-care history. In January, United increased the reported number of people whose personal data had been exposed to 190 million from 100 million.

The U.S. Department of Health and Human Services’s Office of Civil Rights opened an investigation into the ransomware attack in March 2024. An agency spokesperson stated that it “does not generally comment on current or open investigations.” Some health care companies have been fined for breaches involving patient data.

Company officials have said that the hackers infiltrated Change’s systems by obtaining compromised login credentials and using a portal for entry that did not require multifactor authentication.

United officials confirmed that the company had paid a $22 million ransom to the Russian cybercriminals who claimed responsibility. The corporation reported in a January earnings report that the cyberattack had by then cost $3.1 billion.

Health care reimbursements didn’t begin to channel relatively freely through Change until June 2024, although United said that some of its systems had taken longer to come back online and that a few were still not at 100 percent.

At congressional hearings in May 2024, senators slammed Andrew Witty, United’s chief executive, for how the company had handled the cyberattack and the disruption it caused thousands of providers. Mr. Witty testified that the company had “no intention of asking for repayment until providers determine their business is back to normal.”

The loan terms stipulated that Change would not demand repayment until “after claims processing and/or payment processing services and payments impacted during the service disruption period are being processed.”

The meaning of “being processed” is now at the center of the court cases.

Change began seeking repayment from Dillman and Odom through what the medical practices characterized in court filings as a succession of increasingly aggressive letters. Both practices told Change they were unable to repay and neither accepted repayment plan offers. Change then in January demanded full repayment and threatened to withhold future reimbursements for patients’ health care.

“It’s disappointing but not surprising that UnitedHealth Group has decided to prioritize its bottom line over the well-being of families and small businesses,” said Mr. Wyden, who led the Senate hearing on the cyberattack.

The A.M.A. called upon the company to negotiate “an individualized, realistic repayment plan” with each practice.

Dr. Catherine Mazzola, who runs a pediatric neurology and neurosurgery practice in New Jersey, is among many others who have also battled with United over the loans.

“Optum, in my opinion, is acting like a loan shark trying to rapidly collect,” Dr. Mazzola, who is not a plaintiff in the lawsuits against United, said of the division that owns Change.

Dr. Mazzola received a $535,000 loan, and she said she had later told Change she could not repay it. She proposed a schedule but received no response. So she began paying $10,000 a month in January. But without any warning, she said, United began garnishing her reimbursements.

Today, Dr. Odom employs about 110 people, many of whom provide rehab to older people in assisted-living facilities. If his practice had to repay the Change loan immediately, his lawsuit asserted, he would have to lay off at least 22 staff members. Dr. Odom said that could prompt assisted-living chains to drop his services and cause more financial harm.

“We face an uphill battle as such a small company,” said Dr. Meghan Klein, Odom’s president. Speaking to the gulf between her company’s finances and United’s, she said: “What is little impact to them is huge impact to us. These are a lot of people’s lives that we’re worried about.”

The Dillman Clinic, which derives about one-quarter of its income from United insurance reimbursements, would face bankruptcy if forced to fully repay its loan, according to its lawsuit.

Having leveraged their house, their cars and their retirement accounts against their practice, the Dillmans would lose all of their assets to bankruptcy, including their home, they said.

“Part of the goal of being here is to have control over my schedule,” Dr. Dillman said. But the cyberattack-driven chaos has consumed the couple’s time, leaving little for their 6-year-old daughter.

“There are days I see her for an hour,” Dr. Dillman said. “I’m missing her childhood.”