Hello, dear readers. Today we have a shocking development in the world of American health insurance. It has been confirmed that UnitedHealth Group, one of the leading health insurance companies, has fallen victim to a ransomware attack. The attack targeted their health tech subsidiary, Change Healthcare, and has caused widespread disruptions in hospitals and pharmacies across the United States.
“Change Healthcare can confirm we are experiencing a cyber security issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat,” said Tyler Mason, vice president at UnitedHealth.
The company has been quick to respond to the attack, stating that they are working closely with law enforcement and leading third-party consultants to address the matter. However, they have also acknowledged that their systems have been affected and are actively trying to understand the full impact on their customers.
In a statement on their dark web leak site, the ransomware group ALPHV/BlackCat took responsibility for the attack, claiming to have stolen sensitive health and patient information from millions of Americans. This is a common tactic used by these groups to extort money from their victims.
It is important to note that these claims have not been verified. The group has since taken down their post, possibly an indication that negotiations are underway. However, UnitedHealth Group has not commented on whether they have paid or are in talks with the hackers.
TechCrunch had previously reported on this cyberattack, linking it to ransomware and confirming it with Reuters. The attack began on February 21, causing widespread outages throughout the U.S. East Coast. This has affected not only Change Healthcare but also their parent company, Optum, as well as UnitedHealth Group.
Change Healthcare is a major player in the healthcare tech industry, processing billions of transactions annually and handling billing for over 67,000 pharmacies in the U.S. Their merger with Optum in 2022 gave the latter access to a wealth of patient records.
UnitedHealth Group collectively serves over 53 million U.S. customers and an additional five million internationally, while Optum serves about 103 million in the U.S. alone. The cyberattack has caused major disruptions, with hospitals and pharmacies unable to fulfill prescriptions due to issues with patients’ insurance.
While the exact source of the attack is unknown, ConnectWise, whose products are used by UnitedHealth Group and its subsidiaries, has ruled out any vulnerabilities in their products as a cause. The investigation is ongoing and we will keep you updated on any developments.
If you work for Change Healthcare, Optum, or UnitedHealth and have any further information about the attack, please get in touch with us through Signal, WhatsApp, email, or SecureDrop.