UnitedHealth Group announced on Thursday its anticipated timeline to restore Change Healthcare’s systems by mid-March, potentially resolving the disruptive ransomware attack that has affected critical operations throughout the U.S. health-care system.
According to a filing with the Securities and Exchange Commission, the company confirmed that a cyber threat actor breached a portion of Change Healthcare’s IT network on February 21.
Upon detecting the threat, UnitedHealth promptly isolated and disconnected the impacted systems. However, this action resulted in disruptions to pharmacy services, payment platforms, and medical claims processes.
In a statement released on Thursday, UnitedHealth indicated that electronic prescribing is now fully operational, and payment transmission along with claim submissions are currently functional.
The company anticipates electronic payment capabilities to be reinstated by March 15, and it plans to commence connectivity testing with its claims network and software starting March 18.
UnitedHealth emphasized that there is no evidence suggesting any compromise of its other systems beyond those of Change Healthcare.
“We are dedicated to assisting individuals affected by this malicious attack on the U.S. health system,” stated UnitedHealth CEO Andrew Witty in the release.
In a separate announcement on Friday, UnitedHealth introduced a temporary funding assistance initiative aimed at aiding health-care providers facing cash flow challenges due to the attack.
The company elaborated that it is extending additional financial solutions for providers, including advancing funds weekly.
Recognizing that this program may not fully meet all providers’ needs, UnitedHealth expanded the initiative to encompass those who have exhausted all available avenues and collaborate with payers choosing not to advance funds during the outage of Change Healthcare systems, as outlined in the release.
UnitedHealth clarified that the advances will not require repayment until the restoration of normal claims processing.
Previously, in late February, Change Healthcare identified the ransomware group Blackcat as responsible for the cyber attack.
Blackcat, also known as Noberus and ALPHV, engages in data theft from institutions and threatens to publish the data unless a ransom is paid, according to the U.S. Department of Justice.
Ransomware attacks are particularly perilous in the health-care sector, potentially jeopardizing patient safety when life-saving systems are disrupted.
UnitedHealth did not specify in its release the nature of compromised data or whether a ransom was paid to facilitate the restoration of its systems.
