Health insurance company UnitedHealth has confirmed that Blackcat is behind a devastating cyberattack that has disrupted healthcare providers nationwide. Reuters Reporting. The attack knocked out United Airlines’ Change Healthcare system for more than a week, disrupting payments at hospitals, clinics and pharmacies across the country.
Because Change Healthcare acts as a middleman between health care providers and insurance companies, the vulnerability hampered routine transactions such as electronic pharmacy refills and new insurance claims. The company first discovered suspicious activity on its IT systems on February 21, according to SEC filings.
Dirk McMahon, chief operating officer of UnitedHealth Group, told STAT the breach could last for weeks. Meanwhile, insurance companies are developing loan programs for health care providers.
In a joint cybersecurity advisory, federal agencies including CISA and the FBI warned that Blackcat is now intentionally targeting health care systems. “Of the nearly 70 breach victims since mid-December 2023, the healthcare industry is the most common victim,” the agencies wrote.
The U.S. government has even offered a $15 million reward for any actionable information on the group’s whereabouts. Last year, an FBI attempt to seize Blackcat’s servers and website appeared to have failed, and the group quickly regained control.
In dark web messages deleted Wednesday, Black Cat also claimed it stole millions of patient records, including sensitive medical and insurance data from the UnitedHealth breach, Reuters the report said. The group also admitted in the same message to stealing data from Medicare, military health care provider Tricare and even CVS Health. No further details were provided about the timing of these breaches, and the message has reportedly been deleted without explanation. Reuters It was not possible to contact the hackers or verify any of their claims.
Even the theft of sensitive records from UnitedHealth Insurance Company could impact millions of people. The American Hospital Association told U.S. Department of Health and Human Services Secretary Xavier Becerra in a letter sent Monday that Change Healthcare handles nearly one-third of all patient records in the United States. “Any prolonged disruption to the Change Healthcare system would negatively impact the ability of many hospitals to provide a full range of health care services to the community,” AHA President Richard J. Pollack wrote.
UnitedHealth is currently working with Google-owned Mandiant and cybersecurity software provider Palo Alto Networks to CNBC Report. The company has not said whether it plans to pay the ransom.