A cyberattack on Change Healthcare has reportedly affected a number of pharmacies.
The UnitedHealthcare-owned company reported the “network interruption” Wednesday (Feb. 22), and said in a Thursday (Feb. 22) update that the problem was still underway.
“Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact,” the update said.
“At this time, we believe the issue is specific to Change Healthcare and all other systems across UnitedHealth Group are operational. The disruption is expected to last at least through the day. We will provide updates as more information becomes available.”
A report by TechCrunch notes that pharmacies in Michigan had suffered outages due to the cyberattack. For example, Scheurer Health wrote on its Facebook page that it couldn’t process prescriptions through patients’ insurance, pointing to the “nationwide outage from the largest prescription processor in North America,” referring to Change Healthcare.
Last year saw cyberattacks on the U.S. health system grow in both volume and sophistication, with health facilities being struck by 226 digital attacks affecting 36 million people by the middle of the year.
“COVID was a transformative event as far as cyberrisk goes,” Omid Rahmani, head of the public finance cybersecurity group at Fitch Ratings, told Bloomberg News at the time. “Most of these networks were not designed to go virtual overnight.”
Last August, a ransomware attack on California’s Prospect Medical impacted hospitals and clinics across the country, with experts again noting that these attacks had increased following the COVID pandemic.
“We’re relying more on cloud-based services, remote third parties,” John Riggi, national adviser for cybersecurity and risk at the American Hospital Association, told The New York Times following that incident.
“So all of these things are done with good intention — ultimately to improve patient care and to save lives. But the unintended consequence of this is that it has expanded dramatically our digital attack surface.”
The increasing frequency and sophistication of these attacks shines a light on the need to enhance security systems, as noted in a recent report by PYMNTS Intelligence.
According to that research, the share of financial institutions (FIs) using artificial intelligence (AI) and machine learning (ML) technologies to combat fraud and financial crimes has surged from around 34% to 70% between 2022 and 2023 — an uptick which shows the adoption of advanced technologies to address increasingly complex attacks.
“The encouraging news is that FIs embracing these technologies are witnessing positive outcomes,” PYMNTS wrote earlier this month. “The report highlights that those employing AI or ML are ‘likelier to experience a decrease in the overall fraud rate and less likely to see an increase in the overall fraud rate.’”