The recent ransomware attack on the largest health care payment processor in the United States has been labeled by Rick Pollack, CEO of the American Hospital Association, as “the most serious incident of its kind leveled against a U.S. health care organization.”
The target of the attack is Change Healthcare, a prominent company providing a widely used program for healthcare providers to manage customer payments and insurance claims. In response to the attack, the company has taken most of its systems offline as a preventive measure.
The attack’s impact has been severe, particularly for small and midsize health care providers. The outage has hindered doctors from electronically filling prescriptions and has impeded insurance providers from reimbursing health care providers.
Change Healthcare processes a substantial 15 billion healthcare transactions annually and manages a third of all American patient records.
UnitedHealth Group, the parent company of Change Healthcare, revealed that the attack was discovered on February 21 and that the cybercriminals deployed a type of ransomware called Alphv. Alphv is associated with Russian-speaking cybercriminals, though the identity of those responsible for installing it on Change Healthcare’s systems remains unclear.
The same ransomware was used in a significant attack on MGM Resorts in Las Vegas last year, reportedly installed by a small group of young, English-speaking hackers.
To address the situation, Change Healthcare is collaborating with U.S. law enforcement and has enlisted the services of two prominent cybersecurity firms, Mandiant (owned by Google) and Palo Alto, to aid in the recovery process.
In the meantime, thousands of pharmacies are reported to be using offline processing workarounds, with more than 90% of the 70,000 U.S. pharmacies utilizing Change Healthcare’s payment processor resorting to alternate methods for payment processing.