UnitedHealth Group has paid out an extra $1 billion to providers which have been impacted by the Change Healthcare cyberattack since last week, bringing the overall amount of funds advanced to greater than $3.3 billion, the corporate said on Wednesday.
UnitedHealth, which owns Change Healthcare, discovered in February that a cyber threat actor had breached a part of the unit’s information technology network. Change Healthcare processes greater than 15 billion billing transactions annually, and 1 in every 3 patient records passes through its systems, in accordance with its website.
The corporate disconnected the affected systems “immediately upon detection” of the threat, in accordance with a filing with the Securities and Exchange Commission. The interruptions left many health-care providers temporarily unable to fill prescriptions or get reimbursed for his or her services by insurers.
Many health-care providers depend on reimbursement money flow to operate, so the fallout has been substantial. Smaller and mid-sized practices told CNBC they were making tough decisions about find out how to stay afloat. A survey published by the American Hospital Association earlier this month found that 94% of hospitals have experienced financial disruptions from the attack.
Because of this, UnitedHealth introduced its temporary funding assistance program to assist providers in need of support. The corporate said the $3.3 billion in advances is not going to must be repaid until claims flows return to normal. Federal agencies just like the Centers for Medicare & Medicaid Services have introduced additional options to be sure that states and other stakeholders could make interim payments to providers, in accordance with a release.
UnitedHealth has been working to revive Change Healthcare’s systems in recent weeks, and it expects some disruptions will proceed into April, in accordance with its website. The corporate began processing a backlog of greater than $14 billion in claims on Friday, and on Wednesday said, “claims have begun to flow.”
Shares of UnitedHealth have fallen greater than 6% for the reason that attack was disclosed.
Late last month, the corporate said the ransomware group Blackcat is behind the attack. Blackcat, also called Noberus and ALPHV, steals sensitive data from institutions and threatens to publish it unless a ransom is paid, in accordance with a December release from the U.S. Department of Justice.
The Department of State on Wednesday announced it’s offering a reward of as much as $10 million for information that would help discover or locate cyber actors linked to Blackcat.
UnitedHealth said Wednesday that it’s “still determining the content of the info that was taken by the threat actor.” The corporate said a “leading vendor” is analyzing the affected data. United Health is working closely with law enforcement and third parties like Palo Alto Networks and Google’s Mandiant to evaluate the attack.
“We proceed to be vigilant, and to this point haven’t seen evidence of any data having been published on the net,” UnitedHealth said. “And we’re committed to providing appropriate support to people whose data is found to have been compromised.”
Rep. Jamie Raskin, D-Md., rating member of the House Committee on Oversight and Accountability, wrote a letter to UnitedHealth CEO Andrew Witty on Monday requesting information in regards to the “scope and extent” of the breach.
Raskin asked Witty for details about when Change Healthcare notified its clients in regards to the breach, what specific infrastructure and knowledge was targeted and what cybersecurity procedures the corporate has in place. The committee requested written responses “no later” than April 8.
“Given your organization’s dominant position within the nation’s health care and medical health insurance industry, Change Healthcare’s prolonged outage in consequence of the cyberattack has already had ‘significant and far-reaching’ consequences,” Raskin wrote.
The Biden administration also launched an investigation into UnitedHealth earlier this month on account of the “unprecedented magnitude of the cyberattack,” in accordance with a press release.