Health care providers nationwide are grappling with the aftermath of a cyberattack on a prominent U.S. health care technology company, jeopardizing the security of patients' information and causing disruptions in prescription services and payroll for medical staff. The hack, attributed to a ransomware group, has impacted billing and care-authorization portals, potentially hindering hospital discharge processes, according to a major hospital association.
Change Healthcare, a key player in health care technology processing billions of transactions annually, disclosed the attack on Feb. 21. The company, owned by UnitedHealth Group, confirmed that its systems, along with those of Optum and UnitedHealthcare, were affected by the breach. The ransomware group ALPHV, also known as Blackcat, has been identified as the perpetrator.
Despite the challenges posed by the attack, Change Healthcare assured that patient care remains a top priority, implementing workarounds to ensure continued access to medications and necessary care. However, the American Hospital Association highlighted delays in prescription services as a significant immediate impact, with affected pharmacies resorting to manual processes.
The broader implications of the cyberattack are still unfolding, with hospitals experiencing difficulties in claims processing, patient billing, insurance verification, and operational cash flow. The American Hospital Association warned of potential long-term consequences, such as payroll disruptions and delayed service approvals for patients.
Health care systems have reported various issues to the Healthcare Association of New York State, including challenges in patient eligibility verification, prescription communication, claims filing, and cash flow management. Cybersecurity experts note a concerning rise in ransomware attacks within the health care sector, with recent incidents, including an assault on a children's hospital in Chicago.
While the FBI is aware of the ongoing incident, it has not confirmed an investigation. Despite efforts to contain the attack, experts emphasize the critical nature of swift recovery to minimize the impact on patient care. The situation remains fluid as health care providers navigate the aftermath of this cyber threat.
