MINNETONKA, Minnesota – Change Healthcare is currently facing disruptions in its systems for the fourth consecutive day following a cybersecurity breach disclosed by parent company UnitedHealth Group earlier this week.
UnitedHealth Group, the largest healthcare company in the U.S. by market capitalization, owns Optum, a healthcare provider that merged with Change Healthcare in 2022. Optum serves over 100 million patients in the U.S., while Change Healthcare specializes in payment and revenue cycle management solutions.
According to a filing with the U.S. Securities and Exchange Commission, UnitedHealth Group identified a “suspected nation-state-associated” actor behind the cyberattack. The affected systems were immediately isolated and disconnected upon detection. However, specific details regarding the nature of the attack were not provided in the filing.
Change Healthcare issued an update stating that the disruption is expected to continue throughout the day, emphasizing that Optum, UnitedHealthcare, and UnitedHealth systems have not been impacted. The company is diligently working on multiple solutions to restore the affected environment.
Despite UnitedHealth not specifying which Change Healthcare systems were affected, companies like CVS Health reported interruptions in their business operations. CVS Health is managing to fill prescriptions but is encountering difficulties in processing insurance claims in certain cases.
The American Hospital Association has cautioned healthcare organizations to disconnect from Optum until it is safe to reconnect. The AHA is collaborating with relevant authorities like the Department of Health and Human Services, the FBI, and the Cybersecurity and Infrastructure Security Agency to address the situation.
As the cyberattack continues to unfold, the impact on healthcare providers and organizations remains a significant concern. Access to care and prescription services are a top priority for companies like CVS Health amid the ongoing disruption caused by the security breach.
In response to the situation, healthcare organizations are urged to remain vigilant and take necessary precautions to safeguard their systems and patient information. The collaboration between industry stakeholders and government agencies is crucial in addressing cybersecurity threats and ensuring the resilience of the healthcare sector in the face of evolving challenges.