UnitedHealth Group recovering from significant cyberattack: CEO

Photo of author

By journalsofus.com

He called it one of the worst attacks on the health care system in American history.

On February 21, UnitedHealth Group announced that a hacking group called ALPHV – also known as “Blackcat” – had breached its systems. Its subsidiary, Change Healthcare, suffered the most damage from the attack.

According to a letter sent by the American Hospital Association to the U.S. Department of Health and Human Services, Change Healthcare processes 15 billion health care transactions annually and touches 1 in every 3 patient records. “These transactions involve services that directly impact patient care and pharmacy operations,” and the attack “had significant consequences for hospitals and the communities they serve.”

Pharmacy, medical claims and payment systems were targeted in the attack.

Change Healthcare will release medical claims software, which will be available to thousands of customers over the next several days. According to a statement from UnitedHealth Group, the company has restored its electronic payment platform and 99% of its pharmacy network services are back.

UnitedHealth Group CEO Andrew Witty said in a statement Monday that it was “making significant progress in restoring services impacted by this cyberattack.”

“We know this has been a huge challenge for health care providers and we encourage anyone in need to contact us,” Vitti said.

Vitti said the company has paid out more than $2 billion to assist health care providers whose financial position has been affected by the attack.

Last week, the Department of Health and Human Services’ Office for Civil Rights said it was investigating the violations.

“Given the unprecedented magnitude of this cyberattack and in the best interests of patients and health care providers, OCR is launching an investigation into this incident,” a letter written by OCR Director Melanie Fontes Renner said. “OCR’s investigation of Change Healthcare and UHG will focus on whether there was a breach of protected health information and whether Change Healthcare and UHG complied with HIPAA regulations.”

The American Hospital Association called the cyberattack “the most significant and consequential event of its kind against the American healthcare system in history.” The attack has made it challenging for hospitals to provide patient care, complete prescriptions, submit insurance claims and receive payments, the association said.

Some of BlackCat’s operations were disrupted by the FBI in December 2023, and was responsible for hacks such as the MGM hack, which shut down Las Vegas Strip operations primarily at MGM properties.

Leave a comment