UnitedHealth advanced over $2B to providers following cyberattack

UnitedHealth Group has provided over $2 billion in advanced payments to healthcare providers affected by a cyber attack on Change Healthcare.

What happened

On Monday, UnitedHealth Group announced that it has provided advanced payments of over $2 billion to aid healthcare providers financially impacted by a cyber attack on Change Healthcare. According to the company, its medical claims software will begin rolling out on Monday, with availability expanding to "thousands of customers" in the coming days.

Furthermore, UnitedHealth has reinstated its pharmacy network services and payment processing after experiencing several days of disruption caused by the cyberattack.

The backstory 

On February 21, 2024, Change Healthcare experienced a cyberattack that interrupted its operations and services. The attack affected several services within the company's network essential for billing, processing claims, and exchanging health information across America. Reports were suggesting that Optum, a subsidiary of UnitedHealth Group, paid $22 million as a ransom payment, but Optum has since not been able to clarify these allegations.

Going deeper 

The ransomware group Blackcat allegedly orchestrated the cyberattack on Change Healthcare. The attack is believed to have resulted in the theft of 6TB of data; however, about 4TB of data remained in the hands of the cybercriminals. 

After the attack, UnitedHealth Group Incorporated and its subsidiaries faced multiple class-action lawsuits for alleged negligence in implementing cybersecurity measures. These suits claim that millions of protected health information (PHI) were potentially exposed. The plaintiffs are seeking both compensatory and punitive damages as well as improved cybersecurity infrastructure. 

What was said? 

UnitedHealth Group told Reuters it will “start releasing its medical claims software on Monday.” The payments will be made available to thousands of its customers. The company also said that it has restored its “payments processing and pharmacy network services” and will continue to restore its remaining services “until all customers have been connected.”

Why it matters

The cyberattack on ChangeHealthcare affected almost half of the United States’ medical insurance claims, subsequently affecting the cash flow of about 900,000 physicians, 33,000 pharmacies, 5,500 hospitals, and 600 laboratories. The processing of payments and reinstatement of United Health’s services will restore the medical claim system and healthcare services provided by the organizations affected by this cyberattack. This will further result in the resetting of payment systems. 

Related: HIPAA Compliant Email: The Definitive Guide

FAQs

What is a ransomware attack?

A ransomware attack is a cyberattack in which cybercriminals deploy malware to encrypt a user's data and restrict access.

Go deeper: What is ransomware?

What regulations protect PHI?

HIPAA serves as the main protection for PHI by setting strict standards on how it should be utilized, disclosed, and safeguarded. This ensures that individuals' medical details are kept private and secure. 

Go deeper: Understanding and implementing HIPAA rules

What is Blackcat?

BlackCat, also known as ALPHV[1] and Noberus,[2] is a ransomware family written in Rust. It made its first appearance in November 2021.