UnitedHealth Announces Relief for Healthcare Workers After Cyberattack; Here's What They'll Get

UnitedHealth aids providers after cyberattack; releases vital software and offers financial support.

PUBLISHED MAR 25, 2024

Cover Image Source: UnitedHealth Group CEO, Andrew Witty | Getty Images | Steven Ferdman

Rising healthcare costs are among the factors that are making life difficult for Americans living paycheck to paycheck, and amidst the current scenario, a cyberattack against a major healthcare provider has caused further concern. In the aftermath of the incident, UnitedHealth Group has announced that it has disbursed more than $2 billion to support healthcare providers affected by a recent cyberattack on its subsidiary Change Healthcare. The attack, which targeted Change Healthcare's information technology network, has had far-reaching consequences across the U.S. healthcare system. He acknowledged the immense challenges faced by healthcare providers and encouraged those in need to reach out to the company for assistance. This software, deemed crucial in the restoration of services, will be accessible to thousands of customers in the coming days, marking a significant milestone for the company, per CNBC.

UnitedHealth Group CEO, Andrew Witty | Getty Images | Photo by Steven Ferdman

The cyber breach of Change Healthcare's network disrupted essential services, including e-prescription software and payment management tools. As a result, many healthcare providers faced difficulties in filling medications and obtaining reimbursements from insurers. The company announced the release of medical claims preparation software, which will be accessible to thousands of customers in the coming days, marking a crucial step towards resuming services.

UnitedHealth also confirmed the restoration of Change Healthcare's electronic payments platform and the rebooting of 99% of its pharmacy network services earlier in the month. It introduced a temporary funding assistance program to aid healthcare providers experiencing cash flow challenges due to the attack. These advances provided by UnitedHealth will not require repayment until the claims flow returns to normalcy.

A recent survey conducted by the American Hospital Association (AHA) revealed that 94% of hospitals experienced financial disruptions due to the cyberattack, with over 60% estimating revenue losses of approximately $1 million per day.

Cyber security (representative image) | Pexels | Photo by cottonbro studio

The Biden administration has initiated an investigation into the incident, citing its unprecedented magnitude. The U.S. Department of Health and Human Services' Office for Civil Rights is leading the inquiry, focusing on compliance with healthcare data security regulations.

Despite ongoing efforts to address the breach, UnitedHealth has not disclosed the nature of the compromised data or whether it engaged with the cyber threat actor to restore systems. The company has collaborated closely with law enforcement agencies and cybersecurity firms like Palo Alto Networks and Google Cloud's Mandiant to assess the breach and implement necessary measures.

In the previous year, a staggering 133 million health records were compromised in data breaches, marking a record high, per USA Today. These breaches, predominantly orchestrated by hackers targeting healthcare providers and their affiliates, underscore the alarming vulnerability of the healthcare industry to cyber threats. On average, the United States experienced two health data breaches or thefts involving at least 500 records each day throughout the year.

The repercussions extend beyond financial implications, as individuals grapple with the looming threat of identity theft and scams. One of the most notable breaches occurred at HCA Healthcare, affecting over 11 million individuals and sparking legal action from affected parties seeking accountability for the compromised data. Similarly, a data breach at Perry Johnson & Associates, a medical transcription company, impacted nearly 9 million people and raised concerns about the security of third-party data handlers.