In a significant cybersecurity breach, health care providers across the United States are grappling with the aftermath of a cyberattack on Change Healthcare, a major U.S. health care technology company. The attack, acknowledged by the company on February 21, has raised concerns about the security of patients’ information and is causing disruptions in prescription services and payroll processing for medical workers.
Change Healthcare, a subsidiary of UnitedHealth Group, revealed on Thursday that a ransomware group known as ALPHV, or Blackcat, was responsible for the attack. The breach has impacted billing and care-authorization portals nationwide, affecting systems of Change Healthcare, Optum, UnitedHealthcare, and UnitedHealth Group. The company, processing a staggering 14 billion transactions annually, is currently assessing the full extent of the attack.
In response to the incident, Change Healthcare emphasized in a statement, “Patient care is our top priority, and we have multiple workarounds to ensure people have access to the medications and the care they need.” However, the American Hospital Association (AHA) warns of potential disruptions in discharging patients from hospitals, with immediate impacts including delays in prescription services.
The severity of the situation may still be unfolding, as hospitals report issues in processing claims, billing patients, and verifying insurance coverage for care. Ben Teicher, spokesperson for the AHA, expressed concern about the underreported consequences, stating, “The impact to hospitals is just now really starting to crystallize, and as a result has been underreported.” Delays in service approvals and potential challenges in meeting payroll obligations could be looming.
Health care systems have informed the Healthcare Association of New York State of various challenges, including difficulties in verifying patient eligibility and coverage, communication of pharmacy prescriptions, filing claims, and receiving normal cash flow to support operations.
While Change Healthcare did not respond to inquiries regarding whether a ransom was paid or negotiated, cybersecurity experts highlight the increasing frequency of ransomware attacks in the health care sector. This incident follows a similar attack last month on a children’s hospital in Chicago, prompting concerns about the vulnerability of critical systems.
The Federal Bureau of Investigation (FBI) is aware of the incident but has not confirmed whether an investigation is underway. Allan Liska, a threat intelligence analyst at Recorded Future, cautiously notes that containment efforts appear successful thus far, but underscores the potential long-term impact on patient care if system recovery is prolonged.
