Physician Practices Bear the Cost of the Change Healthcare Ransomware Attack
A cyberattack on Change Healthcare disrupted patient scheduling, billing, and potentially exposed patient data. It caused financial strain on medical practices and took weeks to recover from.
John M. Burke, MD
Hematologist and Medical Oncologist
Rocky Mountain Cancer Centers
Associate Chair
US Oncology Hematology Research Program
Aurora, CO
February 21, 2024, seemed like any other Wednesday, but during the day, word spread around the office that the software program athenaOne, which we use to schedule patients, was not working. This was not the first time that athenaOne had malfunctioned, but this time it went down and stayed down. Eventually, the explanation became clear: Change Healthcare, a subsidiary of Optum and owned by UnitedHealth Group, announced that its network had been the victim of a cyberattack.
The company’s technology also processes insurance claims, including billions of prescriptions annually. Clearly, a disruption to the Change Healthcare systems could be catastrophic to the entire US health care system.
A group known as either “ALPHV” or “BlackCat” orchestrated the cyberattack. BlackCat reportedly functions as a “ransomware-as-a-service” organization, meaning that its leadership develops ransomware, which affiliates of BlackCat deploy to attack a company. Any subsequent ransom payments are divided between the BlackCat leadership and the affiliates. UnitedHealth Group is believed to have paid a $22 million ransom to BlackCat, although the company has not confirmed this. In addition to paying the ransom, in April, UnitedHealth Group announced that the cyberattack had cost it $872 million, with the projected total cost for the year ranging between $1.35 billion and $1.6 billion.
Recently, a new hacker group called RansomHub said it had 4 terabytes of data from Change Healthcare and demanded another ransom payment. On April 16, 2024, RansomHub delivered on its threat and posted patient health and other confidential information, including contracts between Change Healthcare and its clients, on its dark website.
After about 6 weeks, our practice was able to return closer to business as usual, and the scheduling software is now functional. However, during the crisis, our staff had to create work-arounds to schedule patients and after systems were restored, we had to catch up on unbilled charges. The damage to physician practices may be extensive. A survey by the American Medical Association found that 80% of physicians reported lost revenue because of the event. I know my practice counts itself in that category, and we are still working to estimate the damage done.
Conservative Management Is on the Rise in Intermediate-Risk Prostate Cancer
January 17th 2025In an interview with Peers & Perspectives in Oncology, Michael S. Leapman, MD, MHS, discusses the significance of a 10-year rise in active surveillance and watchful waiting in patients with intermediate-risk prostate cancer.
Read More
What Is Dark Zone Lymphoma, and Is It Clinically Relevant?
January 16th 2025Dark zone lymphoma includes aggressive B-cell lymphomas with shared molecular features. While some respond to escalated treatment, others remain resistant, highlighting the need for targeted approaches to improve outcomes.
Read More
Controversy Swirls Around the Use of CDK4/6 Inhibitors as Adjuvant Breast Cancer Therapy
January 15th 2025CDK4/6 inhibitors like abemaciclib and ribociclib improve invasive disease-free survival in breast cancer trials, but controversy surrounds study designs, bias, and cost-effectiveness, raising critical questions about their clinical benefit.
Read More
