Ransomware attack on UnitedHealth hits provider payments | #ransomware | #cybercrime

A weeklong ransomware attack on key units of the UnitedHealth Group is leaving healthcare providers across the United States struggling to process payments.

According to the American Hospital Association, large hospital chains and smaller-level providers have been locked out of processing payments. Although large systems have been able to absorb the blow financially, smaller providers are already beginning to run low on cash as they take on the costs of being unable to collect from patients.

The UnitedHealth Group is one of the largest health benefits organizations in the United States, directly insuring over 27 million Americans in individual and employer plans, as well as nearly 14 million seniors on Medicare with private supplemental coverage.

UnitedHealth’s Change Healthcare, a critical linchpin for processing payments and revenue cycle management for UnitedHealth, has been incapacitated for more than a week after a hacker gained access to the network.

The attack has also thwarted prescription refills and renewals for pharmacies across the U.S., ranging from small independent firms to larger entities like Walgreens.

“This attack is not only on Change Healthcare but is an attack on the entire health care sector that depends upon the availability of Change healthcare services technology,” said the AHA’s national adviser for cybersecurity and risk, John Riggi.

The source of the attack and the actors responsible have not been officially identified.

A filing with the Securities and Exchange Commission from last week indicates that UnitedHealth “identified a suspected-nation-state associated cyber security threat actor” entered the information technology system on Feb. 21.

Sources close to the matter, however, reported to Reuters this week that a criminal gang known as “Blackcat” or “ALPHV” may be responsible for the attack. Blackcat reportedly did not respond to Reuters‘ request for comment.

Organizations that experience high-impact ransomware attacks can take several months to fully restore capacity, according to Riggi.


Although patients should not experience disruptions to care, the cash flow upholding the healthcare system will dwindle if other payment clearing houses cannot take on additional claims.

“We must continue to unite as a sector in defense of our sector, because as we have seen, an attack against one of us is an attack on all of us,” Riggi said.

Source link


National Cyber Security