Change Healthcare Restores Pharmacy Services Disrupted by Ransomware

Change Healthcare parent company UnitedHealth Group says it has restored pharmacy services disrupted by a BlackCat ransomware attack more than two weeks ago.

In an incident update on Thursday, the company revealed that it continues to work aggressively on restoring its systems and services and that key functionality is coming back online.

“Electronic prescribing is now fully functional with claim submission and payment transmission also available as of today. All major pharmacy claims and payment systems are back up and functioning,” the company said.

According to the company, electronic payment functionality will remain down for another week, but will become available for connection on March 15.

Systems related to medical claims, however, will take longer to restore, UnitedHealth Group said: “we expect to begin testing and reestablish connectivity to our claims network and software on March 18, restoring service through that week.”

“While we work to restore these systems, we strongly recommend our provider and payer clients use the applicable workarounds we have established—in particular, using our new iEDI claim submission system in the interest of system redundancy given the current environment,” UnitedHealth Group also said.

The February 21 cyberattack took down the Change Healthcare claims and payment infrastructure with a devastating impact on the US health system, preventing over 7,000 pharmacies and hospitals from processing prescriptions.

On Monday, the US Department of Health and Human Services (HHS) announced the actions it was taking to assist healthcare providers impacted by the incident, which has been attributed to the BlackCat ransomware group.

Advertisement. Scroll to continue reading.

BlackCat reportedly received a $22 million ransom payment from Change Healthcare and pulled an exit scam, refusing to share the proceeds with the affiliate who perpetrated the intrusion and who claims to be in the possession of four terabytes of data stolen from the healthcare technology company.

Related: Critical Infrastructure Organizations Warned of Phobos Ransomware Attacks

Related: German Steelmaker Thyssenkrupp Confirms Ransomware Attack

Related: LoanDepot Ransomware Attack Exposed 16.9 Million Individuals

Source: Original Post


“An interesting youtube video that may be related to the article above”