Change Healthcare Is Returning After Cyberattack; Things May Be Different for Future Victims

By Nina Youngstrom

The paradox of the Feb. 21 cyberattack on Change Healthcare is that it has shaken the health care world to its core but seems otherwise unremarkable in a technical sense, experts say. Although UnitedHealth Group, which owns Change Healthcare, said March 7 that so far its electronic prescription platform is back, the clearinghouse has already been shut down for two weeks, affecting electronic claims processing, insurance verification and remittance advices for many hospitals and other providers.[1] That led to intervention from HHS and CMS, which opened the door to accelerated Medicare payments and relaxed Medicare Advantage prior authorization requirements. At the same time, the FBI’s quick disruption of the threat actors or their own infighting may change the landscape for future victims of ransomware attacks.

“We can’t overstate the impact on the entire health care industry,” said Hillary Harlan, a senior manager at Stout, a global advisory firm. HHS announced March 5 that Medicare providers that need to switch clearinghouses should contact their Medicare administrative contractor (MAC) to ask for a new electronic data interchange (EDI) enrollment.[2] CMS has asked MACs to speed up the process.

Change Healthcare confirmed it “experienced a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” The situation has apparently just taken a turn for the better, however, according to UnitedHealth Group, which also announced that Change Healthcare’s electronic payments platform will be available March 15. UnitedHealth anticipates testing and reestablishing connectivity to the claims network and software March 18, with service restored through that week. There’s no word on how it’s recovering the systems.

Although the Change Healthcare ransomware attack was “big and very visible and has the most impact, it feels like business to me,” said Nathan Ruehs, director of the cybersecurity division at N1 Discovery. “The big disruption is the change we have seen in the FBI response. For victims who think the normal process is, ‘I have all the time in the world to talk to these guys, maybe we’ll pay them,’” that’s not how things played out with Change Healthcare and there are implications for other organizations that are hit with ransomware attacks. With Change Healthcare, the FBI apparently moved in quickly. “It’s a good thing they disrupted it so fast,” Ruehs said. “It makes the threat actors less stable.” Change Healthcare reportedly paid the main threat actor a ransom of $22 million but the main threat actor didn’t share the money with its affiliate, as supposedly promised.[3] “Now the threat actors are lashing out in unpredictable ways,” and that may affect how hospitals and other victims respond to ransomware attacks.

This document is only available to subscribers. Please log in or purchase access.
Purchase Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings