UnitedHealth Group

Optum's Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system.

UnitedHealth Group (UHG) is the largest American health insurance company, and its subsidiary, Optum Solutions, operates the Change Healthcare platform. Change Healthcare operates the largest payment exchange platform between doctors, pharmacies, healthcare providers, and patients in the US.

On February 21, 2024, Optum Solutions suffered a ransomware attack by ALPHV/BlackCat, causing extensive outages after servers were allegedly encrypted and the company shut down its IT systems.

These outages led to wide disruption at pharmacies and doctors' offices, which could not send claims, causing some patients to pay full price for their medications.

Today, UHG emailed a statement to BleepingComputer that finally delivered some good news, announcing the electronic prescription systems are back online and fully functional as of March 7.

"Electronic prescribing is now fully functional with claim submission and payment transmission also available as of March 7," reads the status update.

"We have taken action to make sure patients can access their medicines in the meantime, including Optum Rx pharmacies sending members their medications based on the date needed."

The company also promised that the electronic payments platform should gradually return to normal operational status starting on March 15, while the work to re-establish the medical claims system will begin with testing on March 18, 2024.

Currently, interim solutions are in place to process medical claims, achieving a throughput of 90%. This figure is expected to rise to as much as 95% by next week, following the implementation of additional solutions by UHG.

The company strongly advises all stakeholders to implement the available workarounds until the systems are fully restored and maintain them post-restoration for redundancy. Date estimates are dubious, and system availability may not be stable for a certain period.

For specific system statuses, check this status page on the Change Healthcare platform. Updates on status changes are provided through this webpage.

At the start of the month, Optum launched a temporary funding assistance program to allow healthcare providers to continue operating without facing monetary shortages for as long as the payment systems are down.

On Tuesday, March 5, the U.S. Department of Health and Human Services announced further measures to lessen the impact of the outage for impacted organizations.

However, the American Hospital Association responded with a request for more action, calling the incident "the most significant and consequential incident of its kind against the U.S. health care system in history."

Ransom allegedly paid

Last week, an affiliate for the BlackCat gang claimed that the ransomware operation stole a $22 million ransom payment from them, which was paid by Optum to prevent the leak of 6 TB of allegedly stolen data and to receive a file decryptor.

The ransomware operation shut down their servers and soon announced the shutdown of the entire operation, which many believe was a planned exit scam.

Unfortunately, the affiliate behind the Optum attack claims to still have the stolen Change Healthcare data and will likely continue to extort the company to pay another ransom.

However, if a ransom was paid, it means Change Healthcare gained access to a decryptor, allowing the company to restore systems and servers more quickly.
