UnitedHealth Group has released a timeline for restoring Change Healthcare systems following the BlackCat/ALPHV ransomware attack, which caused delays in patient care across the United States.
The healthcare conglomerate, which owns Change Healthcare, said it expects major pharmacy and payment systems to be restored and available by March 18.
In the meantime, UnitedHealth urges its provider and payer customers to use the applicable workarounds it has established, including its new iEDI claims submission system.
Did UnitedHealth pay a ransom?
THE announcement March 7 comes a few days later Reuters reported that a post on a hacker forum claimed that UnitedHealth paid a $22 million ransom to BlackCat to regain access to data and systems encrypted by the group.
The outlet then reported that blockchain analytics firm TRM Labs said the destination of the funds listed in the message was “associated with ALPHV.”
UnitedHealth has so far not commented on these reports. In the “frequently asked questions” section of its incident information pageThe company said it has been transparent with law enforcement and will continue to coordinate with its law enforcement partners.
It was then reported that BlackCat operations are halted amid allegations that he defrauded an affiliate involved in the Change Healthcare attack. An affiliate involved in the assault accused the gang of excluding them and fleeing with the substantial ransom paid by UnitedHealth.
There is speculation that this move could be an “exit scam” or a name change by the ransomware-as-a-service (RaaS) operator.
“Largest” cyberattack in U.S. healthcare history
The current incident was describe by Rick Pollard, president and CEO of the American Hospital Association (AHA), on March 5, as “the largest and most consequential incident of its kind against the American health care system in history.”
This is due to its impact on hospitals’ ability to provide patient care, fill prescriptions, submit insurance claims, and receive payment for their healthcare services.
The AHA also wrote a letter to Congress on March 4 to request financial support for doctors affected by the outage.
On March 5, the U.S. Department of Health and Human Services announced new measures to help healthcare providers continue serving patients despite payment processing challenges.
Changing healthcare revealed for the first time on February 21, the network suffered an outage, confirming later that day that this was due to an “external threat.”
Reports quickly emerged that pharmacies across the United States were unable to fulfill patients’ prescriptions.
In a deposit To the U.S. Securities and Exchange Commission (SEC), UnitedHealth said the attack was carried out by a “suspected nation-state cybersecurity threat actor.” She later confirmed that she had been a victim of the BlackCat group.