Change Healthcare cyberattack: What's the status of ransomware attack impacting pharmacies, payments nationwide
Health care providers across the nation are reeling after a Nashville-based healthcare technology company was hit with a cyberattack.
Change Healthcare was hit by a cyberattack starting Feb. 21, marking it as the most serious incident of its kind leveled against a U.S. health care organization, according to the American Hospital Association. The attack has affected services that directly affect patient care, including eligibility verifications and pharmacy operations, as well as claims transmittals and payments. It has also affected workers' paychecks.
The Nashville health care company announced Thursday that a ransomware group that had claimed responsibility for the attack was at fault and they are still looking to see how widespread the attack is.
“Patient care is our top priority and we have multiple workarounds to ensure people have access to the medications and the care they need,” Change Healthcare said in a statement.
What is Change Healthcare?
The health care technology company is owned by UnitedHealthcare and provides revenue and payment cycle management for payers, providers and patients.
The company processes 15 billion health care transactions annually and touches one in every three patient records, according to the American Hospital Association.
Ransomware group Blackcat behind Change Healthcare cyberattack
UnitedHealth-owned Change Healthcare confirmed the ransomware group “ALPHV/Blackcat” is behind its recent cyber attack.
According to the Department of Justice, Blackcat has made a global footprint when it comes to cyberattacks and typically follows a “ransomware-as-a-service” model, where developers create ransomware and affiliates use the ransomware to identify and attack “high-value victim institutions."
"Based on our ongoing investigation, there's no indication that Optum, UnitedHealthcare and UnitedHealth Group systems have been affected by this issue," read a statement from the health care company.
What is Change Healthcare doing about the cyberattack?
The company is still determining the extent of the cyberattack, but is working with multiple agencies to identify what happened.
"Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare's systems. We are actively working to understand the impact to members, patients and customers," read a statement from Change Healthcare on Friday.
Which pharmacies were affected in the latest cyberattack?
UnitedHealth believes the issue only impacted Change Healthcare and “all other systems across UnitedHealth Group are operational.”
Pharmacies like CVS, Walgreens, Publix and GoodRX, all reported some level of disruption due to the cyberattack.
Has the cyberattack against Change Healthcare been resolved?
No. As of March 1, the cyberattack is ongoing.
People can keep up to date with the latest on what is happening with the Change Healthcare cyberattack at status.changehealthcare.com.
This article originally appeared on Nashville Tennessean: Change Healthcare ransomware attack: Is UnitedHealthcare affected?
