UnitedHealth Group has disclosed that its first-quarter earnings were significantly affected by a ransomware attack that disrupted the U.S. healthcare system starting in February. The cyberattack resulted in an $872 million impact on their Q1 earnings.
Despite this financial setback, UnitedHealth Group reported impressive first-quarter revenue growth. Revenues increased by nearly $8 billion compared to the previous year, reaching $99.8 billion.
The impact of the ransomware attack includes $593 million in direct costs associated with responding to the cyberattack and an additional $279 million due to business disruptions caused by the incident.
In addition to the financial impact on its earnings, UnitedHealth Group has provided information on the impact of the cyberattack in terms of per-share figures.
They have stated that the cyberattack will result in a total impact of $0.74 per share for the first quarter. Looking ahead, UnitedHealth Group estimates that the full-year impacts for 2024 will range between $1.15 and $1.35 per share.
“Out of prudence, due to the potential for the cyberattack to affect claims receipt timing, the company reflected an additional $800 million of claims reserves,”
“Cash flows from operations from the first quarter 2024 were $1.1 billion and were affected by approximately $3 billion due to the company’s cyberattack response actions, including funding acceleration to care providers, and were additionally impacted due to the timing of public sector cash receipts.”
The company added.
Change Healthcare is a prominent payment exchange platform widely utilized by doctors, healthcare providers, and more than 70,000 pharmacies within the U.S. healthcare system.
UnitedHealth, on the other hand, has established contracts with over 1.6 million health professionals and 8,000 healthcare facilities across all 50 states.
Presently, UnitedHealth is actively engaged in mitigating the impact of the cyberattack on both consumers and care providers. Additionally, the company is expanding its financial assistance programs to support affected providers during this challenging time.
Change Healthcare Cyberattack Followed Double Extortion
The release of UnitedHealth’s Q1 2024 report coincided with the start of a concerning incident. The RansomHub extortion gang began leaking screenshots of documents that purportedly contain patient and corporate data obtained from compromised systems belonging to Change Healthcare.
This data allegedly comes from Notchy, a former affiliate of ALPHV, who has now joined forces with RansomHub for extorting Change Healthcare once again.
The threat actors issued a warning on Monday, stating that Change Healthcare has a five-day deadline to make a new ransom payment. Failure to comply would result in the data being sold to the highest bidder.