Change Healthcare’s clearinghouse services have been restoredThe organization suffered a huge ransomware attack in FebruaryAttack has cost it over $2 billion so far
Change Healthcare has confirmed its clearinghouse services have finally been restored after the organization suffered a massive ransomware attack in February 2024.
Recovery from the Change Healthcare cyberattack has been grueling, costing close to $2 billion so far, with some systems still yet to be restored nearly nine months on.
Although most of its network was restored after two months, some functions are still not fully restored, including its pharmacy claims management and e-health record information exchange systems.
100 million affected
Change Healthcare and parent company UnitedHealth Group’s activities touch 1 in 3 patient records in the US, processing 15 billion health care transactions annually.
The attack caused unprecedented levels of disruption to billing and payments providers across the US, and threatened the viability of hospitals across the country.
It was recently revealed that as many as 100 million people’s information was exposed in the attack, with 6TB of sensitive data stolen, including health insurance info, billings, claims, payment information, and much more.
UnitedHealth reportedly paid $22 million to the notorious ALPHV group in exchange for the data, but the remediation of the attack alone cost $873 million, so the costs keep rising.
Reports claim the ransom never made it to the affiliates responsible for the attack, and was taken in entirety by the ransomware operators, who were only meant to receive a portion.
The attackers reportedly used stolen credentials to log into a Citrix portal that didn’t have multi-factor authentication turned on, which left the organization vulnerable.
It’s likely the repercussions of the attack will be felt long into the future, with some systems yet to be restored. Healthcare providers reported that by early March 2024, 60% of hospitals in the association were seeing a revenue shortfall of $1 million or more per day, and a third of providers had over half their revenue impacted.
Via The Register
You might also like
Take a look at our pick of the best malware removal softwareHospital cyberattack exposes data on nearly a million patientsCheck out our choices for best antivirus software