UnitedHealth Group confirmed a threat actor gained access to its tech division Change Healthcare last month, which supports pharmacies and hospitals across the US. The company updated the market yesterday to note that it expects to restore Change Healthcare’s systems by mid-March.
The company said that once they became aware of the outside threat, they “took immediate action to disconnect Change Healthcare’s systems to prevent further impact”. They added that their “security team, along with law enforcement and independent experts, began working to address the matter” and confirmed as of 7 March, they believed “the cybersecurity issue is specific to Change Healthcare”.
In recent reports, Reuters has suggested from a post on a hacker forum, that the company has “paid $22 million in a bid to recover access to data and systems” encrypted by the ransomware group.
On 5 March, The U.S. Department of Health and Human Services (HHS) responded by releasing a statement on its actions to lead “interagency coordination of the Federal government’s related activities, including working closely with the Federal Bureau of Investigations (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the White House, and other agencies to provide credible, actionable threat intelligence to industry wherever possible”.
HHS added that “numerous hospitals, doctors, pharmacies and other stakeholders have highlighted potential cash flow concerns to HHS stemming from an inability to submit claims and receive payments”, and therefore announced “steps that the Centers for Medicare & Medicaid Services is taking to assist providers to continue to serve patients” and “receive timely payments”.
In response, the American Medical Association urged “federal officials to go above and beyond what has been put in place and include financial assistance such as advanced payments for physicians”.
An update from UnitedHealth Group [5 March] noted that progress has been made “in providing workarounds and temporary solutions to bring systems back online in pharmacy, claims and payments”.
Discussing cyber security in the UK and US, health tech supplier Cynerio said to HTN: “We need to do the most we can to prevent the worst from happening. This is a global war on cyber attacks. These attackers can be anywhere, and if you have data they can get to, they are going to attack you.”
“We need to look at what people around the world are doing to prevent this; because we’re not in this alone. In the NHS we have the Data Security and Protection Toolkit and the Cyber Assessment Framework, and in the US, The Department of Health and Human Services recently launched its Cybersecurity Performance Goals. The guidance and support set clear essential and enhanced goals [view them here], and we support organisations to meet all these requirements. We’re not in this alone, we’re all connected.”
Resources: