In a significant development, the US Health and Human Services Department (HHS) has unveiled plans to assist healthcare providers in finding alternative claims processing platforms. This move aims to facilitate the restoration of business operations following a cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group (UNH), which has disrupted a substantial portion of America’s health systems over the past two weeks.
On February 21, a cyberattack crippled Change Healthcare, a crucial platform used by hospitals, doctors’ offices, and pharmacies for processing payments and prior authorizations related to patient visits and prescriptions. UnitedHealth Group, in a detailed statement on Tuesday, confirmed that the well-known Russian-backed ransomware group, BlackCat, was responsible for the attack.
While acknowledging that the FBI had previously breached BlackCat at the end of the previous year, it was unable to shut down the group. BlackCat claims to have accessed up to 6 terabytes of data during the recent attack and reported receiving $22 million in bitcoin, the origin of which remains unclear. UnitedHealth Group has not commented on whether it paid the ransom.
Despite challenges, the latest data indicates that 90% of claims for health providers are now flowing uninterrupted, with pharmacies expected to be fully operational by Thursday, according to UHG’s Tuesday statement. The company has made progress in implementing workarounds and temporary solutions to restore systems in pharmacy, claims, and payments.
Aneesh Chopra, former US chief technology officer and current co-founder and president of CareJourney, emphasized the need for redundancy in systems, calling the incident a wake-up call for the healthcare industry.
“This may be the first of its kind, where an outage at the interoperability layer weakens the capacity of the system to function,” Chopra stated, underscoring the interconnectedness of the domestic healthcare ecosystem.
The HHS echoed this sentiment, emphasizing the urgency of strengthening cybersecurity resiliency across the entire healthcare ecosystem in a statement.
UnitedHealth Group’s stock has experienced a more than 7% decline in the past month, trading at $473 on Tuesday, resulting in a loss of approximately $30 billion in market capitalization. The company faced significant market shifts after it became evident that an immediate resolution of the issues was not forthcoming.
The incident highlights the broader issue of third-party risks in the healthcare sector. Due to regulations safeguarding patient information, tech platforms struggle with interoperability, creating vulnerabilities that cyber attackers exploit. UnitedHealth’s attack targeted a key mechanism in the system, impacting various entities in the healthcare system involved in claims and payments.
UnitedHealth’s appeal as a target is also attributed to its Optum brand, encompassing Optum Financial, which operates diverse payment systems, including those for affordable housing financing and federal benefit programs like WIC nutrition assistance.
The cyberattack on UnitedHealth Group underscores a global challenge, with a shortage of over 4 million cybersecurity professionals in the workforce as of 2023. Cybersecurity experts note that the financial sector attracts top talent, leaving other sectors, including technology and healthcare, with a narrower pool of potential candidates.
The HHS recognizes the escalating threat of cyberattacks on health systems, with a 256% increase in large breaches reported over the past five years. Ransomware attacks have become the most common form of cyber threats, with a 264% increase during the same period.
Healthcare leaders emphasize their commitment to cybersecurity, with significant investments aimed at protecting against attacks. John Couris, Tampa General Hospital president and CEO, responded to recent criticisms, highlighting the need for thorough vetting of third-party vendors in the wake of cyber threats.
