In the ever-evolving landscape of cybersecurity threats, the recent Change Healthcare cyberattack stands out as a stark reminder of the vulnerabilities faced by healthcare organizations. This hack impacted providers, insurance companies, pharmacies, hospitals, and more.
A brief timeline of the Change Healthcare cyberattack
The saga began on February 21, 2024, when Optum, a healthcare services provider, reported widespread connectivity issues later attributed to the Change Healthcare cyberattack. The Department of Homeland Security soon warned the nation about this attack after the ransomware group BlackCat claimed responsibility.
In response to the mounting challenges caused by the attack, initiatives like funding assistance programs and workaround implementations were rolled out by Optum and Change Healthcare. As the impact of the cyberattack became increasingly palpable, hospitals throughout the country reported substantial daily losses, echoing the financial strain felt across the industry.
On March 20, legal actions ensued with providers initiating lawsuits against UnitedHealth Group. However, glimmers of hope emerged as Change Healthcare began the arduous task of restoring its clearinghouse platforms by March 22.
As the situation continues to unfold, stakeholders have intensified their efforts to navigate the aftermath of the attack. Maryland representative Jamie Raskin sought a briefing on UnitedHealthcare’s response, underscoring the need for transparency and accountability in addressing the crisis.
The financial impact of the Change Healthcare cyberattack
According to Wired, Change Healthcare said that it has lost $872 million to the incident and projects that number to rise well over a billion in the long term. Additionally, a recent Change Healthcare statement was released to news outlets, admitting that they had paid hackers 350 bitcoins, or $22 million USD.
"A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure," the statement said. The company’s delayed admission of the payment also recently accompanied a new post on its website warning that the hackers may have stolen health-related data that would "cover a substantial proportion of people in America."
The company launched an emergency program giving interest- and fee-free loans to medical providers, but many applicants claimed that the funds offered were minuscule compared to their expenses. UnitedHealth, Change Healthcare’s owner, has already issued $3.3 billion in loans through its programs so far.
According to The Wall Street Journal, one hospital said it was racking up eight-figure losses on claims every single day since the Change Healthcare cyberattack.
Compromised Data
According to CBS News, it is unclear how much patient data was compromised with the Change Healthcare cyberattack. Cybersecurity expert Peter Tran said that it is unlikely that patients will need to worry about personal medical data getting leaked.
"Usually, the data is limited to billing codes." Tran told CBS News. "Users of healthcare portals, now that portals are open to patients, don’t necessarily need to worry that the sky is falling."
Unfortunately, however, this hack could affect patients when their bills come in. These bills may come in in large chunks because the providers were finally able to submit the claims. This means that there could be five or six different bills they have to pay all at once.
What’s Next?
Change Healthcare still isn’t sure how long it will take to fix the problem, and they said they are continuously working to solve it.
In the meantime, continue to stay vigilant in your practices by monitoring suspicious activity, keeping up with security updates, and updating patients, employees, and other stakeholders regularly. Acting swiftly and decisively in response to a data breach can minimize damage and protect the interests of your practice and the individuals affected.
DentiMax has a reliable e-claims solution available that was not affected by the Change Healthcare cyberattack. For more information, please visit our practice management software page to learn more.
