East Tennessee pharmacies impacted by nationwide cybersecurity attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

KNOXVILLE, Tenn. (WATE) — Several pharmacies in East Tennessee were impacted after the company Change Healthcare suffered a cybersecurity attack.

Change Healthcare, which is owned by UnitedHealth, had multiple areas of service impacted by a nationwide cyberattack.

At Clinton Drug Store, pharmacists were unable to access insurance information to fill prescriptions. Owner Jim McBride said around 90% of his customers use insurance.

“We weren’t able to process any prescriptions that dealt with insurance. We do not know a patient’s co-pay structure. We do not know their deductibles,” McBride said. “So we depend on that interaction to fill a prescription so we know what to charge the patient or even if the medication is covered to begin with.”

Owner and pharmacist at Blount Discount Pharmacy Hamilton Borden experienced the same issue, unable to access insurance information.

“A lot of times we can get all that information pulled electronically, but we can’t right now so we’ve had to manually call the insurance companies to be able to get that processing information,” he said.

McBride said this situation also points to a bigger issue.

“Allowing those companies to get bigger and bigger and bigger, and then you have a cyberattack in maybe one aspect of the company, and until they can zero that in and fix it they end up taking all their companies down,” he said. “I’m concerned more than anything about, yeah yesterday was bad, but long term what’s this is going to do because of all the vertical integration that’s been allowed in healthcare for these big conglomerates to buy all kinds of companies.”

Borden echoed his concerns, calling on the Federal Trade Commission to step in.

“There’s too much control by this one company who owns the medical insurance, who owns the pharmacy insurance. They also own the pharmacy processing, so that needs to be addressed as soon as possible,” he said.

As for the source of the attack, the company released a statement saying, “UnitedHealth group identified a suspected nation-state associated cyber security threat actor had gained access to some of the change healthcare information technology systems.”

McBride said some of the systems are back up and running, but some insurance plans are still inaccessible.


Click Here For The Original Source.

National Cyber Security