On February 21, 2024, the American company Change Healthcare, a division of UnitedHealth Group, was affected by a ransomware attack. The cyberattack shut down the largest healthcare payment system in the United States.
Healthcare Hacked! UnitedHealth’s Change Healthcare Tormented by Blackcat Bandits, $22M in Bitcoin Allegedly Paid
Published on March 07, 2024
In a digital heist that's sent shockwaves through the healthcare industry, Change Healthcare, a unit under the UnitedHealthcare umbrella, suffered a massive cyberattack.
The hacking fiasco, attributed to a sinister-sounding group known as ALPHV/Blackcat, reportedly led to the theft of a staggering six terabytes of private medical info, causing disruption to health services and a scramble for prescription medications.
Amidst the chaos, a leak has brought to light a possible capitulation by UnitedHealthcare, with suggestions flying that the health insurance giant coughed up $22 million in Bitcoin to the hackers.
- As reported by KARE 11, a Bitcoin transaction of the same amount was tracked to an account believed to belong to the Blackcat gang on March 1st, causing speculation to swirl that UnitedHealthcare may be the payer.
- However, a company's spokesperson kept the cards close by stating, "We are focused on the investigation and restoring operations at Change," neither confirming nor denying the payout claims.
- 5 EYEWITNESS NEWS has reported additional information regarding the incident's financial toll on healthcare providers, citing a health analytical firm's estimates of daily losses surpassing $100 million.
- Meanwhile, Scott Spiro, a cybersecurity expert, provided a grim analogy on the perils of surrendering to hacker demands by comparing it to "training a dog," stating that if one gets a treat after an action, the behavior is simply reinforced, according to 5 EYEWITNESS NEWS.
Uploaded: Feb 29, 2024
Cyber_Warrior (@cyber_warrior76). original sound - Cyber_Warrior. Continued ripple effect of the cyberattack on UnitedHealthCare Change Health. #unitedhealthcare #cyber #ransomware #hackers ...
Uploaded: Feb 29, 2024
A cyberattack on the health technology provider Change Healthcare, a subsidiary of the UnitedHealth Group, is wreaking havoc nationwide, as some hospitals and pharmacies cannot get paid and many ...
The hack, disclosed last Wednesday, has had a knock-on effect on players across the U.S. healthcare system, as disruptions triggered by the attack have impacted electronic pharmacy refills and insurance transactions.
The company said its experts were working with law enforcement authorities and third-party consultants to gauge the impact on its customers and patients.
"We are working on multiple approaches to restore the impacted environment and continue to be proactive and aggressive with all our systems, and if we suspect any issue with the system, we will immediately take action," UnitedHealth said.
The outage could last for weeks, STAT News reported on Thursday, citing a recording obtained by the media outlet of a conference call with hospital cybersecurity officers.
STAT cited UnitedHealth Chief Operating Officer Dirk McMahon as saying that the company is setting up a loan program to help providers who cannot submit insurance claims while Change Healthcare is offline.
He said that program will last "for the next couple of weeks as this continues to go on," STAT reported.
UnitedHealth did not immediately respond to a Reuters request for comment.
The American Hospital Association said it was in discussions with UnitedHealth and the federal government. A prolonged disruption of Change Healthcare’s systems could disrupt the ability of some health systems to pay salaries and equipment, the association said.
In a message posted on its darknet site that was quickly deleted, the group known as "Blackcat" or "ALPHV" said on Wednesday it stole millions of sensitive records, including medical insurance and health data, from the company.
Blackcat has not returned repeated messages from Reuters, including a request for comment on UnitedHealth's confirmation statement on Thursday.
Blackcat is one of the most notorious of the internet's many ransomware gangs, which encrypt data to hold it hostage with the aim of extorting massive payouts.
The U.S. Department of Health and Human Services said it was working closely with the company's unit, Optum Insight, "to assess the cyber incident and its impact on patient care".
"The incident is a reminder to all healthcare providers and contractors to stay vigilant," the agency said on Thursday.
The hack at MGM Resorts in September last year resulted in a $100 million hit to the company's third-quarter results.
Meanwhile, healthcare providers across the United States are struggling to get paid following the outage at UnitedHealth's technology unit, with some smaller providers saying they are already running low on cash.
Reporting by
Pratik Jain and Sriparna Roy in Bengaluru, Zeba Siddiqui in San Francisco,
Raphael Satter in Washington and
Dan Whitcomb in Los Angeles;
Editing by Shinjini Ganguli, Arun Koyyur, Maju Samuel and Jamie Freed
=================================================================================
No comments:
Post a Comment