On February 21, 2024, an unauthorized entity gained entry into one of our Change Healthcare platforms,” stated UnitedHealth Group. “Upon detecting the external threat, we promptly took action to disconnect Change Healthcare’s systems to mitigate further impact and ensure the safety of our partners and patients.”

Initially, a precise timeline for service restoration was not disclosed. However, in a statement on March 7, UnitedHealth Group announced that electronic prescribing for pharmacy services had been fully restored, including claim submission and payment transmission.

The company outlined plans to reinstate its electronic payment platform commencing on March 15. Additionally, it anticipated initiating testing and establishing claims network connectivity on March 18, with service gradually reinstated throughout the week.

Despite ongoing efforts to implement workarounds, UnitedHealth Group reported that 90% of claims were processing without disruption. However, it acknowledged that some providers still faced challenges in submitting claims or receiving payments.

To aid affected providers, a temporary funding assistance program has been introduced through Optum, a subsidiary of UnitedHealth Group. The company further stated that additional funding solutions, including advance payments, would be extended to provider partners of UnitedHealthcare. The Optum program is being expanded to accommodate providers who have exhausted all available options and collaborate with payers unwilling to advance funds during the downtime of Change Healthcare systems.

UnitedHealth Group emphasized that this expanded funding mechanism is intended as a last resort, particularly for smaller regional providers, and would be evaluated on a case-by-case basis.

A recent twist in the saga reveals a $22 million transaction, possibly a ransom payment, received by the hackers behind the attack. The dispute within the criminal underground suggests that AlphV, the group responsible, may have deceived its hacking partners. If confirmed, this payment sets a dangerous precedent for the healthcare industry, encouraging further attacks. The incident underscores the profitability of targeting healthcare services and the need for robust cybersecurity measures.

Why did this happen?

According to the 2023 Cost of a Data Breach Report from IBM. Breach costs soar, only 51% of surveyed organizations express a willingness to increase security spending. This highlights a critical gap in understanding the true value of robust cybersecurity measures and the need for organizations to leverage data to communicate the benefits of security to decision-makers. Stories like UnitedHealth Group show the likely results of no spending.

Read the IBM Report

In the face of these cybersecurity challenges, organizations require a proactive and vigilant ally to safeguard their digital assets. Partnering with a Managed Service Provider (MSP) like Astoria, renowned for its hawk-like protection of businesses, becomes a strategic necessity. Astoria’s expertise and proactive cybersecurity approach resonate with the report’s recommendations, providing organizations with a comprehensive solution to effectively mitigate threats.

Astoria’s MSP services include advanced threat detection, incident response planning, and regular testing, aligning closely with the key findings of recent reports. By utilizing Astoria’s services, organizations can bolster their cybersecurity defenses, respond promptly to emerging threats, and enjoy the cost-saving benefits of proactive cybersecurity measures.

As organizations navigate the intricate cybersecurity landscape, insights from recent reports serve as a wake-up call. It’s crucial for organizations to close the gap in security investments, embrace proactive measures, and contemplate strategic partnerships with MSPs like Astoria. By taking these steps, they can not only address current threats but also establish a resilient cybersecurity foundation for the future. The time to act is now, and Astoria is poised to protect organizations against cyber threats, ensuring a secure and robust digital future.