Latest on Change Healthcare Cyber Issue

February 23, 2024

Additional details about the cyberattack affecting Change Healthcare’s systems have emerged in regulatory filings the company submitted to the federal government this week.

On Thursday, the company reported the attack on its systems likely came from “a suspected nation-state associated cyber security threat actor” that had gained access to some of the company’s systems.

“At this time, we believe the issue is specific to Change Healthcare and all other systems across UnitedHealth Group are operational,” the organization said in a statement. “The disruption is expected to last at least through the day.”

Here’s what you need to know:

• Affected services:  Change Healthcare provides prescription processing services to thousands of pharmacies nationwide.
• Background:  During 2022, the diversified health services company Optum and Change Healthcare completed a $7.8 billion merger that officials said would “connect and simplify the clinical, administrative, and payment processes for health care providers and payors.”
• Action steps:  The company said it had contacted security experts, law enforcement, customers, clients, and government agencies following the disruption. It did not offer a timeline until its systems are restored.
  • Following the detection of the problem, the company said it isolated the impacted systems from other connecting systems.
• AHA takeaway:  In a security brief, the American Hospital Association (AHA) recommended “all health care organizations that were disrupted or are potentially exposed by this incident consider disconnection from Optum until it is independently deemed safe to reconnect to Optum.”
• Quotable:  “We are working on multiple approaches to restore the impacted environment and will not take any shortcuts or take any additional risk as we bring our systems back online,” the company said. “We will continue to be proactive and aggressive with all our systems and if we suspect any issue with the system, we will immediately take action and disconnect.”

The federal government has published tools specifically tailored to the health care community to improve cyber preparedness.

For questions about health care cybersecurity, contact Jason Tomashunas, MS, CHEP, manager, emergency management. Members of the AHA also are encouraged to avail themselves of the valuable expertise and experience of John Riggi, the AHA’s national advisor for cybersecurity and risk.