Impact of UnitedHealth Cyberattack on Healthcare Providers
Medical providers in Minnesota are describing the aftermath of the UnitedHealth Cyberattack as an “absolute mess” that poses a threat to their financial stability. Multiple lawsuits followed causing a serious issue for UnitedHealth and Change Healthcare.
The ongoing fallout from the Change Healthcare Ransomware Attack has created a mess in the healthcare billing system, making it difficult for providers to receive timely payments and manage their finances effectively. This situation raises concerns about the financial health of these medical providers.
Lawsuits have been filed in Minnesota, alleging that the healthcare giant, UnitedHealth Group, did not take sufficient measures to prevent a cyberattack that is still causing problems for healthcare providers. The company has reported progress in addressing the issue.
Healthcare providers in Minnesota are expressing concerns about ongoing difficulties in billing health insurers due to a cyberattack last month on a UnitedHealth Group subsidiary Change Healthcare. There is a delay of several weeks before submitted claims are paid.
However, hospitals and clinics fear that they may soon face a financial strain due to the billing complications. This could make it challenging for them to cover payroll and supply costs. It may take several months to resolve and rectify the situation.
UnitedHealth Group has reported that they are making significant progress in implementing workarounds and fixes to restore the payment system.
However, hospital and physician groups have emphasized that many healthcare providers continue to face significant challenges related to patient scheduling, cost estimation, and other issues. They are urging for immediate financial relief to address the consequences of the UnitedHealth Cyberattack.
Multiple Federal Lawsuits Filed Against UnitedHealth
This week, additional repercussions of the cyberattack have surfaced, including federal lawsuits filed against UnitedHealth and reports suggesting that a ransom may already have been paid to the hackers.
“What we are hearing is hundreds of millions of dollars of claims are just sitting because they’ve not been able to go through this pipeline that’s been shut off,”
“So there’s a scramble to get to other pipelines.”
Dr. Rahul Koranne, chief executive of the Minnesota Hospital Association.
UnitedHealth Halted Operations of Data Clearing House Change Healthcare After the Ransomware Attack
Following the UnitedHealth Cyberattack on February 21st, the company decided to temporarily halt operations of the electronic data clearinghouse provided by Change Healthcare.
This widely utilized system, utilized by pharmacies, hospitals, and clinics, has processed approximately 50% of all medical claims in the United States in recent years.
In response to the financial challenges faced by healthcare providers due to the cyber attack, UnitedHealth introduced a financial assistance program last week.
However, the American Hospital Association criticized the program on Monday, deeming it insufficient. They expressed that UnitedHealth can do more to address the extensive consequences of the cyber attack.
In response to the challenges faced by healthcare providers, the federal government announced measures on Tuesday to offer assistance. However, the American Medical Association has raised concerns that these measures do not adequately address the extent of the issue.
UnitedHealth Group says its technical work is helping preserve patient access to medications.
“We continue to see pharmacy claims flowing at near-normal levels,”
The company said in an update.
The UnitedHealth Cyberattack Caused Issues with Prescriptions That are ‘Very Serious’, Claims Lawsuits Against UnitedHealth
According to John Hoeschen, the owner of St. Paul Corner Drug, the remaining problems stemming from the cyberattack are quite severe.
Although his pharmacy mostly uses a clearinghouse other than Change Healthcare, Hoeschen is still facing difficulties in submitting claims for Medicare Part B payments. As a result, he has accumulated a backlog of claims that he hasn’t been able to process for approximately two weeks.
“If you can’t submit a claim, you can’t get paid for a claim,”
“It’s a mess — it’s an absolute mess. And I don’t know when it’s going to get resolved.”
John Hoeschen – owner of St. Paul Corner Drug Store
Lawsuits Claim That Patients Are Unable to Seek Insurance Claims
The impact on pharmacy patients is becoming evident, as highlighted by lawsuits recently filed in the U.S. District Court in Minnesota.
One of the filings involves a California resident who was informed that due to the issue caused by the cyberattack, he would have to pay the full price for his medication and then seek reimbursement through an insurance claim.
The plaintiff expressed hesitation in seeking further medical care until assurance is provided regarding the security of their information and acceptance of their insurance coverage. These lawsuits emphasize the concerns and uncertainties faced by patients as a result of the cyberattack.
Another lawsuit has been filed by a patient from California, stating that the inability to fill a prescription has exposed them to potential negative health risks. The lawsuit highlights the serious consequences that patients may face as a result of the cyberattack’s impact on the healthcare system.
ALPHV/Blackcat Responsible for the UnitedHealth Cyberattack
UnitedHealth Group initially revealed that the incident was caused by a “nation-state associated cybersecurity threat actor” who gained access to certain IT systems at Change Healthcare. However, the company later stated that the cyberattack was carried out by a cybercrime threat actor identifying itself as ALPHV/Blackcat.
ALPHV/Blackcat is known for employing data encryption techniques to hold information hostage and demand substantial cryptocurrency payments. While a federal report in February linked Blackcat to Russian cyber criminal groups, cybersecurity expert Brett Callow does not consider them to be state-sponsored, nation-state associated, or specifically Russian.
Hackers Behind the Change Healthcare Ransomware Attack Said to Have Received a $22 Million Payment
Wired magazine reported earlier this week on signs from a Bitcoin account and a cybercriminal underground forum that suggest the alleged hackers might have received a $22 million ransom.
UnitedHealth Group would not comment, beyond saying the company is “focused on the investigation.”
The biggest cyber-ransom paid to date was about $40 million, said Callow, an analyst with the cybersecurity firm Emsisoft. Massive payments encourage the attackers and provide them with resources to scale their operations, he said.
“We know that $22 million was paid into a wallet belonging to ALPHV, and we know that someone claiming to be an affiliate of ALPHV stated that the money was paid by Change,”
“While this does not prove that Change paid, it certainly points to it.”
Callow said of the report in Wired magazine.
UnitedHealth Group has stated that, apart from the systems at Change Healthcare, their other systems, including those at UnitedHealthcare insurance business and the Optum division for healthcare services, were not impacted by the cyberattack. This provides assurance that those specific divisions remain unaffected.
Reuters recently reported on an apparent “exit scam” by the hackers. This refers to a strategy where criminals falsely assert that their website has been disabled by law enforcement, aiming to evade making payments to their accomplices in criminal activities.
This development highlights the complex tactics employed by cybercriminals in an attempt to avoid detection and consequences.
