Home Health & Hospice Week

Health IT:

UnitedHealth-Change Healthcare Cyberattack Damage Continues, Even After Ransom Was Paid

Stay tuned for testimony at congressional hearing.

If you were wondering whether UnitedHealth Group paid the hackers who attacked its Change Healthcare payment platform, now you have a definite answer.

A UnitedHealth spokesperson has confirmed to multiple press outlets that the company did indeed pay a ransom, although they didn’t specify the amount. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure,” according to a shared statement.

UnitedHealth also reveals in an April 22 release that the hacked data “could cover a substantial proportion of people in America.” It’s offering a website to connect concerned people with resources such as credit monitoring and identity theft protections at www.unitedhealthgroup.com/ns/health-data-breach.html.

UnitedHealth also gives an update on Change Healthcare’s operations in the release, noting that “Change Healthcare has made continued strong progress restoring services impacted by the event.” For example, “medical claims across the U.S. health system are now flowing at near-normal levels,” the company says.

But that’s not what on-the-ground providers are reporting, says KFF Health News. “We are still desperately struggling,” a Minnesota therapist told the news outlet. “This was way more devastating than COVID ever was,” she said.

“Look, I am freaking out,” a New York City urologist told KFF. “Everyone is freaking out. We are like monkeys in a cage. We can’t really do anything about it.”

UnitedHealth has issued $7 billion so far in relief funds, the company points out.

Remember: You may be entitled to administrative relief from Medicare medical review if the attack has affected you, says HHH Medicare Administrative Contractor CGS. “Any provider or supplier impacted by the CHOPD may request administrative relief from MR activities (e.g., extension for MR additional documentation requests [ADRs], reschedule MR education sessions, etc.),” the MAC says in a recent post.

Up next: While UnitedHealth officials skipped an April 16 hearing on the issue, UnitedHealth CEO Andrew Witty is scheduled to testify before a U.S. House subcommittee on May 1 about the cyberattack.

Note: Get UnitedHealth’s latest updates on the cyberattack at www.unitedhealthgroup.com/ns/changehealthcare.html.

Other Articles in this issue of

Home Health & Hospice Week

View All