Cyberattack On UnitedHealth Hit Pharmacies, Hospitals Across The US

Hospitals, pharmacies, and other healthcare providers are getting stuck in an insurance processing jam after UnitedHealth Group disclosed a cyberattack within a recently acquired subsidiary that serves as a central hub for payments across the industry.

The cyberattack and subsequent system outage within UnitedHealth’s Change Healthcare has caught the attention of federal law enforcement agencies.

According to a hospital executive who shared the call details with STAT, the FBI, Cybersecurity, and Infrastructure Security Agency, and Department of Health and Human Services were on call Friday afternoon with executives from UnitedHealth, the American Hospital Association, and the Health Information Sharing and Analysis Center, which is a group of hospitals, insurers, and other health care companies that share information on cyber threats.

Health industry experts said that a cyberattack against Change Healthcare, part of insurer UnitedHealth Group’s Optum business, could have severe and lasting consequences should outages continue past the weekend.

Change Healthcare was merged with Optum, a healthcare provider, in 2022 by UnitedHealth. Change Healthcare provides prescription processing services through Optum, which supplies technology services for more than 67,000 pharmacies and care to 129 million individual customers.

Parent company UnitedHealth said Thursday in a regulatory filing with the U.S. Securities and Exchange Commission that it identified a cyberattack affecting systems at Change Healthcare on Wednesday. The company suspects a nation-state was behind the attack, the filing said.

UnitedHealth hasn’t provided any further information about the attack, and Change Healthcare has posted the same status update repeatedly on its website since Wednesday afternoon. The company said it disconnected its systems after identifying the attack and can’t estimate how long the disruption will last. Change Healthcare said more than 100 of its systems are affected.

The American Hospital Association urged healthcare facilities Wednesday to disconnect from Optum and to check their systems for security vulnerabilities.

“We recommend that all healthcare organizations that were disrupted or are potentially exposed by this incident consider disconnection from Optum until it is independently deemed safe to reconnect to Optum,” the AHA said.

Many local retail pharmacies have warned of delays and an inability to send orders through insurance plans.