It has been more than two weeks since software company Change Healthcare was ravaged by a cyberattack which brought to a halt its operations. The fallout following the incident has resulted in patients across the country struggling to secure their prescriptions, owing to the inability of providers and pharmacies to process billing and claims due to system breakdown. As the aftereffects of the attack continued to create bottlenecks in digital operations, the federal government in the US felt compelled to step in to alleviate the crisis.
Change Healthcare, a company owned by health care enterprise Optum, plays a significant role in processing patient payments for healthcare organizations. Statistic on their website claims that they manage 15 billion transactions each year, making them the largest commercial prescription processor in the country. It raises palpable concerns when such a crucial link in the healthcare chain is compromised in a cyber attack.
The intrusion into their IT systems was discovered by Change Healthcare itself on February 21, as stated in a public filing by UnitedHealth Group with the Securities and Exchange Commission. Any connections between the compromised systems and others were immediately cut off following the detection of the breach.
Last week, Change Healthcare confirmed that the cyberattack was carried out by the ransomware group BlackCat. Known for their “triple extortion” approach – demanding ransom under the threat of leaking stolen data and disabling websites – BlackCat has often targeted the U.S. healthcare sector in the past.
In response to the crisis, parent company Optum established a temporary funding assistance program aimed at addressing short-term cash flow issues. The details of the plan were published in a notice on the company’s website. Despite this move, reactions from providers have been mostly negative, stating that the assistance does not suffice to meet the needs of those affected by the attack.
On this front, the American Hospital Association has urged Congress and the head of UnitedHealth Group to take immediate action to support providers grappling with the adverse impacts of the ongoing disruptions. The government, thus far, has released a statement through HHS, saying it would expedite payments to affected providers.
With the situation remaining serious, it has reignited discussions on the role and scale of government intervention during such cyber incidents. Cybersecurity company Keeper Security’s CEO, Darren Guccione, highlights the importance of federal agencies’ support in responding to such attacks. At the same time, caution is advised in rushing towards government intervention, considering the broader implications and the possibility of reduced incentives for providers to invest in robust cybersecurity measures.