Rick Pollack, CEO of the American Hospital Association, stated that the impact of the attack “is still being felt throughout the entire health care system.”
American Hospital Association CEO Rick Pollack described the fallout from a ransomware attack on the country’s largest health care payment processor as “the most serious incident of its kind against a U.S. health care organization” during a statement on Thursday evening.
The attack has severely disrupted Change Healthcare, a company that offers a widely used platform for managing customer payments and insurance claims in the health care sector. To contain the attack, the company has taken most of its systems offline, a common preventative measure.
Pollack noted, “Nine days into the attack on Change Healthcare, a health care technology firm that is part of Optum and owned by UnitedHealth Group, the repercussions are still being felt throughout the entire health care system.” The American Hospital Association is the largest health care industry group in the U.S.
The outage has had a particularly harsh impact on small and midsize health care providers. According to doctors who spoke with CNBC, the disruption has hindered their ability to electronically process prescriptions and has delayed insurance reimbursements.
On Friday, Change Healthcare announced that it had developed a new workaround for its electronic prescription service, which is now available to all customers.
Change Healthcare processes 15 billion health care transactions annually and handles a third of all American patient records.
In an emailed statement, a spokesperson for UnitedHealth Group, Change Healthcare’s parent company, revealed that thousands of pharmacies are utilizing “offline processing workarounds.” The spokesperson noted that over 90% of the more than 70,000 U.S. pharmacies using Change Healthcare’s payment processor are employing alternative methods to handle payments.
UnitedHealth Group announced on its website that the attack was detected on February 21 and involved a type of ransomware known as Alphv.
Alphv is developed by Russian-speaking cybercriminals, though it remains unclear who specifically deployed it on Change Healthcare’s systems. This same ransomware was used in last year’s major attack on MGM Resorts in Las Vegas. However, experts and sources familiar with that incident indicated it was executed by a small group of young, English-speaking hackers.
A coalition of U.S. and European law enforcement agencies launched an operation to disrupt Alphv in December, but it seems the ransomware has partially recovered.
According to a spokesperson, Change Healthcare is collaborating with U.S. law enforcement and has engaged two major cybersecurity firms, Google-owned Mandiant and Palo Alto Networks, to aid in the recovery efforts.
An FBI spokesperson mentioned in an email Friday afternoon that the FBI, the Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency are all providing support.
