THE CHANGE HEALTHCARE CYBER ATTACK
On Wednesday, February 21, 2024, Change Healthcare a subsidiary of UnitedHealth Group (UHG) underwent a cyber attack. UHG processes over 15 billion claims a year totaling $1.5 trillion in medical claims, and is estimated to supply clearinghouse services to 50% of all providers nationwide. So an attack on UHG is a testing ground for bigger and future attacks. Let’s learn who was impacted.
PCG has supplied the latest updates that can be found through various publications online at the beginning of this article. After those updates, you will find our original article based on preliminary findings. This should give you a good sense of what transpired, and what has happened since the attack, and you can make your judgment if enough has been done to protect us in the future and remedy the injustices providers and plans felt from UHC’s blunder.
How did this Breach occur?
Following the February 21st cyberattack on Change Healthcare, the Energy and Commerce Committee has been investigating the incident. Key findings revealed that the attack occurred due to a lack of multifactor authentication on critical systems, resulting in approximately one-third of Americans' sensitive health information being leaked onto the dark web. Despite paying a $22 million ransom, UnitedHealth cannot guarantee that more data will not be leaked. Efforts are ongoing to support affected individuals and improve cybersecurity measures within the healthcare sector.
General Updates from June and July of 2024
In June and July 2024, Change Healthcare faced significant challenges due to a series of cyberattacks. The initial attack in February was attributed to the ALPHV group, resulting in a substantial ransom payment. However, a second ransomware attack in mid-2024, carried out by a group called RansomHub, further complicated the situation. This group claimed to have control over the same data stolen in the initial attack, demanding another ransom.
The cyberattacks have had widespread impacts, particularly on the healthcare sector. Hospitals and healthcare providers have experienced delays in claims processing and disruptions in cash flow, affecting patient care and financial stability. About 74% of hospitals reported negative impacts on patient care and 94% experienced financial strain​.
To mitigate the disruption, the Centers for Medicare & Medicaid Services (CMS) implemented the Change Healthcare/Optum Payment Disruption (CHOPD) program, providing accelerated and advanced payments to affected providers. This program will conclude on July 12, 2024, having issued over $3.2 billion to more than 8,900 providers and suppliers.
Legal repercussions are also unfolding, with multiple lawsuits emerging against Change Healthcare. These suits focus on the financial and operational impacts of the cyberattacks, though experts caution that litigation could take years to resolve.
Legal and Financial Impact:
Multiple lawsuits have emerged against Change Healthcare due to the significant financial and operational disruptions caused by the cyberattack. Hospitals and healthcare providers have reported delays in claims processing, which has affected patient care and financial stability. UnitedHealth Group, the parent company of Change Healthcare, has set up a fund to help providers cope with these financial difficulties.
Operational Disruptions
The cyberattacks have severely disrupted services such as pharmacy operations, eligibility checks, and claims processing. In response, CMS launched the Change Healthcare/Optum Payment Disruption (CHOPD) program to provide accelerated and advanced payments to affected providers. This program will conclude on July 12, 2024.
Ongoing Notifications and Security Measures
Change Healthcare has begun notifying healthcare providers and other customers about the compromised patient data resulting from the February attack. The company expects to mail letters to affected individuals by late July. The Department of Health and Human Services (HHS) has been involved in ensuring that patients are informed about the breach and the potential risks.
Cost of Response
The financial burden of the response to the cyberattacks is substantial. UnitedHealth Group has updated its cost estimates, predicting that the total expense for dealing with the February 2024 ransomware attack will range between $2.3 billion and $2.45 billion, significantly higher than earlier estimates.
References for Latest ChangeHealthcare Updates:
- Chief Healthcare Executive Article
- ITPro
- Centers for Medicare & Medicaid Services
- OncLive
- Energy & Commerce
- AHA
Latest Update as of March 8th 2024:
- As of Friday, March 8th, 2024, Change Healthcare has not restored its platform (source).
- BlackCat/AlphaV appears to have received a $22 million ransom payout (source).
- Elevance reported a 15% to 20% reduction in daily claims volume (source).
- Appears the broad payment platform could be online as early as March 15th (source).
HOSPITALS AND PROVIDERS SUFFER FROM THIS ATTACK
A group that goes by the name of "Blackcat" and "ALPHV" performed a hack that left hospitals and providers around the nation unable to submit claims for their medical services to UHG, as well as prescription processing. The American Hospital Association President and CEO, Rick Pollack, stated this is the most serious threat to healthcare in America he’s ever witnessed.
PATIENTS ARE SUFFERING FROM THIS ATTACK
While it crippled hospitals and providers around the nation, patients felt the pain first as they were unable to claim their prescriptions from their pharmacies. Secondly, the biggest scar that will only be felt in months and years to come, is the stealing of patient information via once thought “secured medical records.” Personal Health Information (PHI) has been used by hackers for decades under the term “medical identity theft.” Hackers use this information to set up online accounts for shopping, wire transfers, and even to coordinate with other fraudsters in health care for false referrals and healthcare services.
Did you know… 30% of Patients didn’t know that their PHI was stolen? Or that it will take on average $13,500 to resolve the issue and recuperate their correct billing statuses and owed fees? How many Medicare patients truly have $13,500 to help resolve these issues?
ABOUT BLACKCAT / ALPHV
The cyberattack on UnitedHealth Group's Change Healthcare division was conducted by a ransomware group. The group, which goes by the name "Blackcat," has previously hacked major U.S. companies including MGM Resorts International and Caesars Entertainment, two Las Vegas gaming organizations, two unnamed sources told the wire service. Following the attack, BlackCat/AlphV’s website was taken offline.
SAVING FACE THROUGH A SUBSIDIARY: OPTUM
Optum issued what we can only call a “bailout.” Stating it would offer cash payments to hospitals and providers affected by this cyber attack. This was also a tactic to prevent organizations from changing from Change Healthcare to another vendor. Time will tell if this offering was enough to keep market share.
GET NOTIFIED:
This article shall be updated over time with new developments. To gain those updates, please subscribe and/or bookmark this page.
Source:
