131 views 58 secs 0 comments

Small practices vulnerable after Change Healthcare cyberattack; some considering bankruptcy

In Data Breach News, News
April 12, 2024
Small practices vulnerable after Change Healthcare cyberattack; some considering bankruptcy

While Change Healthcare UnitedHealth Group claims it continues to make progress in mitigating the impact to consumers and care providers of a massive cyberattack in February on its system and services, Radiology Business provides a grimmer picture of the impact and recent situation:

The incident first occurred in February, shutting down the nation’s largest clearinghouse for health insurance claims and payments for weeks. Owner UnitedHealth Group had promised that claims would begin flowing again by the weekend of March 23.

“Despite UHG’s assurances, serious disruptions continue,” the American Medical Association said in a Wednesday news update.

A new informal survey of 1,400 individuals underlines the broad impact of the cyberattack. Among physician groups surveyed, 80% reported losing revenue from unpaid claims and 85% had committed additional staff time and resources to complete revenue cycle tasks.

The AMA reported that in addition to dipping into personal funds, survey respondents took advantage of advance payments, temporary funding assistance, and loans. Respondents received assistance from the Centers for Medicare & Medicaid Services (12%), state Medicaid plans (0.7%), UnitedHealth Group/Optum (25%), and other health plans (4.5%).

One survey respondent stated, “This cyberattack is leading me to bankruptcy, and I am just about out of cash.”

To add to the woes, a threat actor claims they will leak patient data and other sensitive data if Change Healthcare does not pay them to delete the 4 TB of files they claim to have exfiltrated during the attack.