- Ransomware and extortion gangs typically publish portions of a victim’s stolen data to pressure the victim into paying a ransom.
- The cyberattack at Change Healthcare on the U.S. East Coast caused widespread outages at pharmacies and healthcare facilities.
An ongoing cyberattack at U.S. health tech giant Change Healthcare, a major player in the American healthcare tech industry, has caused significant disruption to hospitals and pharmacies across the country, sparking outages and concerns over patient data security. The attack, attributed to the BlackCat ransomware group, has raised questions about the vulnerability of critical healthcare infrastructure to malicious cyber threats.
Significant cascading and disruptive effects
The ransomware attack, which began on Feb 21, has prompted Change Healthcare to take many of its systems offline in an effort to expel the hackers. As a result, nearly all customer-facing systems remain offline, impacting the ability of hospitals, healthcare providers, and pharmacies to fulfill and process prescriptions through patients’ insurance.
The cyberattack has not only affected Change Healthcare but also had ripple effects on other entities within the healthcare ecosystem. The American Hospital Association (AHA), representing over 5,000 hospitals and healthcare providers, advised its members to consider disconnecting from Optum until it is independently deemed safe to reconnect. Furthermore, Tricare, the U.S. military’s health insurance provider, has reported that the cyberattack at Change Healthcare is impacting all military pharmacies worldwide and some retail pharmacies nationally, underscoring the widespread impact of the incident.
Privacy and security concerns
In response to the cyberattack, Columbia University, which operates one of New York’s largest hospitals, instructed staff to disconnect all its systems from UnitedHealth Group, Change Healthcare, and Optum, highlighting the widespread impact and concern over the security of interconnected healthcare networks.
The attack has also drawn attention to the broader cybersecurity landscape in the healthcare industry, as concerns mount over the potential compromise of patient data. It remains unclear whether patient data was stolen in the ransomware attack, raising additional privacy and security concerns.
The accuracy of UHG’s cyberattack attribution
UnitedHealth Group (UHG), the parent company of Change Healthcare, indicated in a government regulatory filing that it identified a “suspected nation-state” threat actor in its systems but did not attribute the cyberattack to a specific government or state. However, cybersecurity researchers have not previously linked the BlackCat gang to a nation-state or government, raising questions about the accuracy of UHG’s cyberattack attribution.
The cybercriminal group responsible for the attack, BlackCat/ALPHV, has a history of targeting prominent organizations, including U.S. healthcare giant Norton, news-sharing site Reddit, and mortgage and loan giant Fidelity National Financial. Despite this track record, BlackCat has not publicly claimed responsibility for the cyberattack on Change Healthcare.