If you haven’t seen the news, one of the biggest cybercrimes in healthcare occurred about two weeks ago. We here at Abyde have been monitoring the situation closely, ready to educate our readers on how this attack affects them.
This is still an ongoing situation, so stay tuned for any updates and please reach out to our team if you have any compliance questions.
What’s happened so far?
First, let’s do a little bit of unraveling.
United Healthcare, the largest healthcare insurance company, owns Optum, a health technology company. Under Optum, there is Change Healthcare. Change Healthcare, an insurance claims and billing organization that processes over 15 billion transactions annually, was affected by a ransomware attack.
Whew – hopefully I haven’t lost you yet.
So, the attack occurred on February 21, 2024. As of March 6, 2024, the systems are still down but have reached a federal-level investigation, with government agencies, like the FBI investigating this cybercrime.
Who did this?
You might be asking, who would do something like this? Well, it is none other than the notorious BlackCat/ALPHV black hat hacking group.
Here is some quick hacking terminology– Black hat hacking is considered malicious, whereas White hat hacking is ethical, where hackers find vulnerabilities to make a company stronger.
So these black hat hackers successfully led a ransomware attack. Ransomware is a cybercrime where criminals encrypt and hold data, for ransom. Once the affected organization pays the ransom, which averages over five million dollars, the data is released back to the organization.
The BlackCat group is not a stranger to healthcare ransomware attacks, behind several major ransomware attacks, compromising over 1000 organizations in their reign of terror.
Many believe this attack came with a vengeance, with the FBI in December seizing some of BlackCat’s websites. On websites like these, the hacking group publishes sensitive data when their victim refuses to pay ransom.
Speaking of ransom, the BlackCat hacking group successfully had Change Healthcare pay a 22 million dollar ransom in Bitcoin. Unfortunately, some of the systems are still down as of today.
In surprising news, BlackCat is currently offline, most likely an exit strategy for the heads of the hacking group, taking the 22 million and not sharing it with other affiliated black hat hacking organizations.
Overall, cybercrime is extremely prevalent, and these hacking organizations disrupt organizations on an international level.
How does this affect me?
Well, unfortunately, it most likely does affect your practice or organization. In fact, it affects all of us, with a third of patient records having Change Healthcare affect them in some way.
As Change Healthcare is a processing powerhouse, this affects all transactions that it usually handles, like insurance billing and prescriptions.
For instance, this breach has caused healthcare providers to be unable to check for insurance eligibility, halting new patients for their practices, prescriptions not being processed correctly, leading to pharmacists to estimate the pay for patients, and for some, to pay the full amount upfront and wait for a refund once this situation is handled. After over two weeks, as of March 8th, Change Healthcare has reported that prescribing services are available, but payments and medical claims are not available.
Long story short, this breach is catastrophic, impacting 25% of all CVS/Aetna insurance claims.
What can I do?
To avoid, or mitigate the impacts of a breach in your practice, make sure your compliance measures are up-to-par in this digital world. Having the proper IT programs in place is imperative for keeping your data secure.
Additionally, having a program like Abyde in place is key, having plans in place and proactively fixing any vulnerabilities before it’s too late.
Your friends here at Abyde will keep you posted on this breach in our news section. To see Change Healthcare updates, visit this website here.
Reach out to our team at info@abyde.com and schedule a compliance consultation here for Covered Entities, and here for Business Associates.