Source – TechCrunch
Healthcare Network Faces Major Disruption
A cyberattack targeting a division of UnitedHealth Group Inc. has resulted in a nationwide outage of a crucial computer network responsible for transmitting data between healthcare providers and insurance companies. The incident, which occurred on February 21, has impacted Change Healthcare, a subsidiary of UnitedHealth and a key intermediary in the $1.5 trillion US health insurance market. The cyberattack has led to disruptions, rendering some pharmacies unable to process prescriptions.
Suspected Nation-State Cybersecurity Threat
UnitedHealth discovered the cyberattack when a “suspected nation-state associated cyber security threat actor” gained access to Change Healthcare’s systems. In response, the company promptly disconnected the affected systems from other parties, aiming to contain the potential damage. The incident raises concerns about the security of critical networks facilitating communication between healthcare entities and insurers.
Impact on the Health Insurance Market
Change Healthcare plays a vital role in the US health insurance market, operating the largest medical electronic data interchange (EDI) clearinghouse in the country. This network serves as a middleman, facilitating the exchange of claims information between insurance companies and healthcare providers. The disruption caused by the cyberattack has affected various organizations, with some pharmacies experiencing system issues and delays in processing prescriptions.
Response and Investigations
UnitedHealth is actively working with law enforcement and security experts to address the cyberattack. The company has emphasized that, as of now, the cyberattack and subsequent “network interruption” have only impacted Change Healthcare, assuring that all other systems are operational. The company, however, cannot provide a timeline for when the services will be restored. The incident underscores the growing challenges faced by healthcare organizations in safeguarding their critical systems from cyber threats.
The full scale of the disruptions caused by the cyberattack is not yet fully known. While UnitedHealth declined to provide further details, some affected organizations have disclosed information online. BlueCross BlueShield of Montana, for example, acknowledged that certain pharmacies are experiencing system issues due to the outage, potentially delaying the processing of medications.
The incident highlights the broader trend of cyberattacks targeting back-end IT software and services providers, resulting in cascading disruptions across various sectors. The healthcare industry, in particular, has become a significant target for cyber threats, emphasizing the need for enhanced cybersecurity measures to protect sensitive patient data and critical healthcare infrastructure.