HHS Urges UHG to Mitigate Effects of Change Healthcare Cyberattack

The Department of Health and Human Services has published a letter urging UnitedHealth Group to expedite the activation of its programs designed to mitigate the impact of a ransomware attack on its claims processing and payments platform.

UHG is the parent company of Change Healthcare, which is the subject of the cyberattack on Feb. 21. The Change Healthcare platform remains nonoperational, impacting payments to health care providers, including hospitals and physicians, the HHS said.

Earlier in March, UHG announced the Temporary Funding Assistance Program, which its Optum Financial Services business unit offers to address the providers’ immediate cash flow needs. Providers registered to the program must repay the funds after the platform resumes operations.

While UHG is working to restore the services, the HHS urges the company to take additional actions, including providing Medicaid agencies with a list of impacted providers and expediting delivery of payments made using the platform.

Change Healthcare is expected to be up and running by mid-March. Security researchers learned that UHG paid 350 bitcoins worth $22 million to a cryptocurrency wallet linked to the BlackCat/ALPHV ransomware group, which claimed responsibility for the recent attack, TechTarget reported.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Join Us Now