UnitedHealth Group recovering from significant cyberattack: CEO

He called it one of the worst attacks on a health care system in U.S. history.

March 19, 2024, 8:24 PM

The UnitedHealth Group -- one of the nation’s largest health care providers -- said it is making progress in its recovery from one of the worst cyberattacks on a health care system in United States history, its CEO said earlier this week.

On Feb. 21, UnitedHealth Group announced a hacking group called ALPHV -- also known as "BlackCat" -- breached its system. Its subsidiary Change Healthcare was hit hardest by the attack.

"Change Healthcare can confirm we experienced a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat," according to a statement on UnitedHealth Group's website.

Change Healthcare processes 15 billion health care transactions annually and touches 1 in every 3 patient records, according to a letter sent to the U.S. Department of Health and Human Services from the American Hospital Association. "These transactions include services that directly affect patient care and pharmacy operations, and the attack "imposed significant consequences on hospitals and the communities they serve."

Pharmacy, medical claims, and payment systems were targeted by the attack.

Change Healthcare will release medical claims software, which will be available to thousands of customers over the next several days. The company restored its electronic payments platform and 99% of its pharmacy network services are back, according to the statement from UnitedHealth Group.

UnitedHealth Group CEO Andrew Witty said in a statement Monday that it is continuing to "make significant progress in restoring the services impacted by this cyberattack.”

“We know this has been an enormous challenge for health care providers and we encourage any in need to contact us,” Witty said.

The company has paid more than $2 billion to assist health-care providers who’s finances have been impacted by the attack, Witty said.

Last week, the Department of Health and Human Services Office of Civil Rights said it is investigating the breach.

"Given the unprecedented magnitude of this cyberattack, and in the best interest of patients and health care providers, OCR is initiating an investigation into this incident," a letter written by OCR’s Director Melanie Fontes Rainer. "OCR's investigation of Change Healthcare and UHG will focus on whether a breach of protected health information occurred and Change Healthcare’s and UHG’s compliance with the HIPAA Rules."

The American Hospital Association called the cyberattack “the most significant and consequential incident of its kind against the U.S. healthcare system in history.” The association said that the attack made it challenging for hospitals to provide patient care, complete prescriptions, submit insurance claims, and receive payment.

Some of BlackCat's operations were disrupted by the FBI in December of 2023, and was responsible for such hacks as the MGM hack which shut down operations primarily along the Las Vegas strip at MGM properties.

Related Topics