Healthcare giant UnitedHealth Group confirmed that its subsidiary Optum was forced to shut down IT systems and various services after a cyberattack by “nation-state” hackers on the Change Healthcare platform.
UnitedHealth Group (UHG) is a health insurance company with a presence across all 50 US states. The group is the world’s largest healthcare company by revenue ($324.2 billion in 2022), employing 440,000 people worldwide.
Its subsidiary, Optum Solutions, operates the Change Healthcare platform, which is the largest payment exchange platform between doctors, pharmacies, healthcare providers, and patients in the US healthcare system.
If you have any information regarding this incident or any other undisclosed attacks, you can contact us confidentially via Signal at 646-961-3731 or at suggestions@bleepingcomputer.com.
Optum suffers huge cyberattack
Change Healthcare first began warning customers Wednesday that some of its services had become unavailable, later stating a cybersecurity incident caused it.
An 8-K filing submitted by UnitedHealth Group with the SEC yesterday confirmed that a cyberattack by suspected “nation-state” hackers was behind the disruption to Optum’s Change Healthcare services.
“On February 21, 2024, UnitedHealth Group (the “Company”) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems,” reads the filing.
“Immediately upon detection of this outside threat, the Company proactively isolated the impacted systems from other connecting systems in the interest of protecting our partners and patients, to contain, assess and remediate the incident.”
“The Company is working diligently to restore those systems and resume normal operations as soon as possible, but cannot estimate the duration or extent of the disruption at this time.”
Optum is providing regular updates on the status of its services on this portal, which says that the outage is currently impacting 119 Change Healthcare and Optum services and platforms.
Change Healthcare has a large presence in the US healthcare system, used by hospitals, clinics, and pharmacies nationwide for electronic health record (EHR) systems, payment processing, care coordination, and data analytics.
Staff at healthcare clinics, medical billing companies, and pharmacies have reported widescale problems due to the outage, including being unable to bill or send claims for prescriptions or healthcare services.
The payment processing disruption in pharmacies has been especially noticeable, with the majority of local and box store pharmacies across the country unable to process any insurance claims or accept discount prescription cards.
In response to the situation, the American Hospital Association (AHA) issued a warning yesterday recommending that all healthcare organizations that rely on Optum solutions disconnect their systems immediately to protect their partners’ and patients’ data.
“We recommend that all health care organizations that were disrupted or are potentially exposed by this incident consider disconnection from Optum until it is independently deemed safe to reconnect to Optum,” warned the American Hospital Association.
BleepingComputer has learned that healthcare providers have begun to disconnect all connections to Optum, Change Healthcare, and UHG to prevent the potential spread of the attack to their own systems.
Columbia University announced that the New York Presbyterian healthcare system, which includes the Weill Cornell and Columbia hospitals, advises partners to disconnect from UHG services.
![Columbia University warning about the attack](https://www.bleepstatic.com/images/news/security/attacks/o/optum-change-healthcare/columbia-alert.jpg)
Source: BleepingComputer
Columbia University said they have also blocked all email connections with UnitedHealth Group’s domains and advise that no employees visit these domains until told it is safe.
“Additionally, to minimize the risk this external cyber security event presents to our computing environment, we have taken the extraordinary precaution of blocking email from the following domains: Optum.com, Changehealthcare.com, Caremount.com, Unitedhealthgroup.com, Uhc.com, and Uhg.com.”
The US military’s healthcare provider for active-duty personnel, Tricare, has also been impacted, saying that the Optum outage has forced all US military pharmacies worldwide to fill prescriptions manually.
While it is unclear what type of attack is behind Change Healthcare and Optum’s outages, even though they claim it is a “nation-state” actor, it bears all the signs of a ransomware attack.
If a ransomware gang conducted this cyberattack, then it is likely that patient and corporate data would have been stolen in the attack.
This stolen data will then be used as leverage, where the threat actors will threaten to leak the data if a ransom is not paid.
The investigation into the incident is ongoing, and official details regarding the extent of the cyberattack have yet to be disclosed.
Update 2/23 (1) – We have received information that the incident also impacts Availity, the clearinghouse for Therabill, which has paused claims processing and remittance advice as a result.
According to an email circulated by the organization, Change Healthcare notified Availity, which then ceased connections with Change Healthcare, Optum, and United Healthcare as a precaution.
Therabill’s security team has reportedly not detected any compromise of its members’ data and is actively monitoring the situation to ensure data security.