UnitedHealth Group has disclosed that the cyberattack on its technology unit, Change Healthcare, was orchestrated by hackers who identified themselves as the “Blackcat” ransomware group, Reuters news report said.
Initially, UnitedHealth had attributed the disruption to a “suspected nation-state associated cybersecurity threat actor.”
The ramifications of the hack have reverberated across the U.S. healthcare system, causing disruptions in electronic pharmacy refills and insurance transactions. The company’s experts are collaborating with law enforcement authorities and third-party consultants to assess the impact on customers and patients.
“We are exploring multiple strategies to restore the affected environment and remain proactive and aggressive in our approach to all our systems. If any issues are suspected, immediate action will be taken,” stated UnitedHealth.
According to STAT News, the outage may persist for several weeks, as reported in a conference call with hospital cybersecurity officers. UnitedHealth Group’s Chief Operating Officer, Dirk McMahon, revealed plans to establish a loan program to assist providers unable to submit insurance claims while Change Healthcare remains offline. This program is slated to last for the next few weeks.
The group known as “Blackcat” or “ALPHV” claimed responsibility for the attack in a message posted on its darknet site, where it asserted to have stolen millions of sensitive records, including medical insurance and health data from the company. Despite repeated attempts, Blackcat has yet to respond to requests for comment from Reuters.
Blackcat is notorious for its involvement in various ransomware attacks, aiming to extort significant payouts by encrypting data and holding it hostage. The U.S. Department of Health and Human Services has affirmed its collaboration with UnitedHealth’s unit, Optum Insight, to assess the cyber incident’s impact on patient care.
“This incident serves as a reminder to all healthcare providers and contractors to remain vigilant,” stated the agency.
Previously, Blackcat targeted major casino businesses such as MGM Resorts International and Caesars Entertainment. The hack on MGM Resorts last September resulted in a $100 million loss in the company’s third-quarter results.
