NewsNation

Change Healthcare cyberattack: Where do things stand?

FILE - Pages from the United Healthcare website are displayed on a computer screen, Feb. 29, 2024, in New York. Federal civil rights investigators are looking into whether protected health information was exposed in a recent cyberattack against Change Healthcare, a massive U.S. health care technology company owned by UnitedHealth Group. (AP Photo/Patrick Sison, File)

(NewsNation) — UnitedHealth Group has paid out more than $3.3 billion to providers impacted by the massive cyberattack against Change Healthcare in February, the company said Wednesday.

Change Healthcare — a subsidiary of UnitedHealth — handles 15 billion transactions a year and touches one in every three patient records. Last month, a ransomware group gained access to some of the company’s information technology systems, setting off a negative ripple effect across the nation’s health care system.


The American Hospital Association (AHA) called it the “most significant and consequential cyberattack on the U.S. health care system in American history.” An AHA survey earlier this month found that 94% of hospitals have experienced financial disruptions from the attack.

Those disruptions have had real consequences for patients who have been forced to choose between paying out of pocket for medications or forgoing them entirely.

“We’ve got people walking away from diabetes medicines, antipsychotics, ADHD medications,” Laura Lester, who owns Marion Family Pharmacy in Marion, Virginia, told NBC News earlier this month.

To help providers in need of support, UnitedHealth created a temporary funding program and has advanced more than $3.3 billion so far. The company said providers receiving funds won’t face any fees or interest.

Federal agencies like the Centers for Medicare & Medicaid Services (CMS) have also introduced options to ensure that states can make interim payments to providers affected by the attack.

UnitedHealth is still determining what data the attackers took. The company said Wednesday it’s prioritizing the review of data believed to have “health information, personally identifiable information, claims, and eligibility or financial information.” The process has taken time because Change Healthcare’s own systems were hit.

“We continue to be vigilant, and to date have not seen evidence of any data having been published on the web,” UnitedHealth said on its website.

Since the attack, UnitedHealth said it has restored Change Healthcare’s electronic payments platform and 99% of its pharmacy network services. Medical claims have started to flow again, but some disruptions are expected to continue into April, according to estimates on the company website.

“Anything available and up and running today has been deemed clean and appropriate for us to continue to operate,” UnitedHealth said.

The company said it’s working closely with law enforcement and leading cybersecurity firms to investigate the issue and secure its systems.

At this point, there’s no indication that any other UnitedHealth systems were affected by the attack.

The State Department announced Wednesday it would provide a $10 million reward for information about the “Blackcat” ransomware gang behind the attack.