UnitedHealth Group Cyberattack Sees US Government Respond

US government officials have urged UnitedHealth Group (UHG) – and the wider insurance market – to “mitigate harm” in the wake of the ransomware cyberattack on Change Healthcare.

A cybersecurity breach at US health-tech giant Change Healthcare has meant that the US healthcare system is now entering a second week of chaos around medical claims and payments

In response, officials from the Departments of Labor and of Health & Human Services sent an open letter, urging UnitedHealth and other companies in the industry to help.

"We call on UHG, other insurance companies, clearinghouses, and health care entities to take additional actions to mitigate the harms this attack places on patients and providers, particularly our safety net providers," the letter said.

Since UHG’s Change Healthcare unit was breached on February 21 by a hacking group known as BlackCat, UnitedHealth has said it is working to restore impacted channels, and that some of its systems are returning to normal. 

But hospitals are still unable to check the insurance benefits of in-patients, nor can they process the authorisations needed for patient procedures and surgeries. Compounding these problems, neither can they process billing that pays for medical services. 

Insurance records chaos follows UHG cyberattack

Ever since Change Healthcare pulled the plug on its network three weeks ago in an effort to contain the hackers, many smaller healthcare providers and pharmacies say that, without reimbursements from insurers, they are facing a cash-flow crisis.

Plus – without access to their health insurance records – pharmacies, do not know how much to charge patients for prescriptions, forcing many to pay for pricey medicines themselves.

The cyberthreat landscape is constantly in flux, with financial institutions, healthcare services and critical infrastructure providers most at risk.

The surge in AI and machine learning over recent years has enabled cybercriminals to initiate attacks with fewer resources and/or skills, with a growing number of businesses harnessing these technologies to streamline their processes and improve the quality of products and services.

As a result, there is a growing market for cybersecurity solutions for the healthcare industry.

Change Healthcare handles billions of healthcare transactions annually, and questions also remain about the security of millions of people's highly sensitive medical information handled by Change Healthcare.

If patient data has been stolen, the implications could be life-long for those affected.