According to the UnitedHealth Group, it recently paid out an extra $1 billion to providers who were affected by the Change Healthcare cyberattack. A figure that places the total amount paid out for this issue at $3.3 billion at this moment.
In February, it was discovered that Change Healthcare, currently owned by UnitedHealth Group, had sustained a breach in parts of its unit’s information technology network.
However, the company immediately cut off the affected systems upon detection, leaving many of its customers unable to use the services.
Change Healthcare processes over 15 billion billing transactions annually, and according to the statistics on its website, it is said to process 1 in every 3 patient records in the United States.
Therefore the seizure of its services left several healthcare providers temporarily incapable of filling prescriptions or getting reimbursed for their services.
To stay operational, a lot of healthcare providers rely on the reimbursement cash flow through the Change Healthcare channel. Leading Mid-size and small practices to make tough calls on how to stay operational.
According to a survey published by the American Hospital Association, 94% of hospitals in the US experienced financial disruption from the attack.
To manage the situation, the UnitedHealth Group introduced a temporary funding assistance program, designed to assist healthcare providers seeking support.
According to the healthcare company, there is no requirement to repay the already paid out $3.3 billion in advances.
That is until its system is clear of the cyber-attack and the claims flow returns to normal.
United Healthcare began processing a backlog of over $14 billion in claims on Friday, as it is working to ensure the restoration of the Change Healthcare system.
The UnitedHealth cyberattack recovery
In recent weeks, the UnitedHealth Group has been working on the clock to restore Change Healthcare’s systems, informing its partners that they may encounter some disruption into April.
However, since the event of the cyberattack on the company’s systems was publicized, UnitedHealth stock has fallen more than 7%.
The UnitedHealth Cyber attackers
Blackcat, also known as Noberus and ALPHV, a notorious ransomware group, has claimed to be responsible for the cyber-attack on the Change Healthcare systems.
The ransomware group is an entity dedicated to stealing sensitive data from companies and institutions, then threatening to release the stolen content unless a ransom is paid.
Blackcat is now a wanted organization by the United States Department of State. In an announcement made on Wednesday, 27 March, the agency declared a reward of up to $10 million for any information that could help apprehend any member of the Blackcat group.
United Health disclosed that it is currently working with law enforcement and third parties such as Google’s Mandiant and Palo Alto Networks, to analyze the contents of the data said to be stolen from its database.
The US government assistance
On Monday, a ranking member of the House Committee on Oversight and Accountability, Rep. Jamie Raskin, D-Md, wrote a letter to the UnitedHealth CEO Andrew Witty, demanding information about the extent of the attack.
In addition, Raskin requested information about which UnitedHealth infrastructure was the target of the attack, and, what cybersecurity systems the company has installed.
UnitedHealth has been given the deadline of 8 April to provide the committee with written responses.
