U.S. health providers are facing financial catastrophe following a week-long cyberattack on Change Healthcare.
The ransomware attack has even left some smaller providers running short on cash, Reuters reported Thursday (Feb. 29).
Larger hospital chains are blocked from processing payments, with some forced to absorb the upfront costs, the American Hospital Association (AHA), which represents nearly 5,000 hospitals, healthcare systems, networks and other providers, told Reuters.
The full scope of the problem is not clear, although six smaller companies said their inability to process claims left them owed thousands in overdue payments.
The problem began Feb. 21 when Change, owned by UnitedHealth Group, reported a “network interruption.”
Change Healthcare is the American healthcare system’s largest payment exchange platform between doctors, pharmacies, healthcare providers and patients, which means the breach led to complete disruptions at healthcare clinics, medical billing companies and pharmacies.
The AHA recommended that all healthcare organizations using this system disconnect from Optum, the United subsidiary that operates the Change platform.
In an email provided to PYMNTS, Change Healthcare estimated that more than 90% of the nation’s over 70,000 pharmacies have modified electronic claim processing to offset the effect of the breach, while the rest have offline processing workarounds.
The ransomware gang Blackcat, also known as ALPHV, is reportedly responsible for the cyberattack. The group has a history of going after major businesses, such as MGM Resorts International and Caesars Entertainment.
The same group last year claimed responsibility for a breach at Kentucky-based nonprofit Norton Healthcare that exposed the data of 2.5 million people.
Meanwhile, PYMNTS spoke earlier this week with Lisa Plaggemier, executive director of the National Cybersecurity Alliance, who said the breach is a reminder of the need to be proactive in protecting data.
“Strengthening cybersecurity protocols, enhancing employee training, and fostering a culture of cybersecurity awareness are essential steps in safeguarding against the pervasive threat of data breaches and preserving the confidentiality, integrity and availability of sensitive information,” Plaggemier said.