In a recent announcement, UnitedHealth Group disclosed its plans to reinstate Change Healthcare’s systems by mid-March, signaling potential relief from the ransomware attack that has disrupted critical operations throughout the U.S. healthcare system.
The intrusion by a cyber threat actor into Change Healthcare’s information technology network was identified on February 21, as reported in a filing with the Securities and Exchange Commission. UnitedHealth promptly isolated and disconnected the affected systems upon detection, albeit causing disruptions to pharmacy services, payment platforms, and medical claims processes.
According to a press release issued on Thursday, UnitedHealth assured that electronic prescribing is now fully functional, and payment transmission, as well as claim submissions, are currently available. The company anticipates the complete restoration of electronic payment functionality by March 15, with connectivity testing slated to commence on March 18.
UnitedHealth emphasized that there is no evidence of compromise to any other systems beyond those associated with Change Healthcare in the cyber attack.
“We are committed to providing relief for people affected by this malicious attack on the U.S. health system,” stated UnitedHealth CEO Andrew Witty in the release.
In response to the challenges faced by healthcare providers due to the attack, UnitedHealth introduced a temporary funding assistance program on Friday. This initiative aims to assist providers experiencing cash flow issues, with the company committing to advancing funds on a weekly basis. Recognizing that the program may not cater to every provider’s needs, UnitedHealth expanded its scope to include those who have exhausted all available options and are working with payers unwilling to advance funds during the downtime of Change Healthcare systems.
UnitedHealth underscored that these advances will not require repayment until the normal flow of claims is restored.
The ransomware attack, attributed to the Blackcat group, was revealed by Change Healthcare in late February. Also known as Noberus and ALPHV, Blackcat employs tactics of stealing sensitive data from institutions and threatens to publish it unless a ransom is paid, according to information released by the U.S. Department of Justice in December.
Given the inherent risks of ransomware attacks, particularly within the healthcare sector, where disruptions can directly impact patient safety, UnitedHealth did not disclose specific details about the compromised data or confirm whether a ransom was paid to restore its systems.
