Physician Practices Bear the Cost of the Change Healthcare Ransomware Attack
A cyberattack on Change Healthcare disrupted patient scheduling, billing, and potentially exposed patient data. It caused financial strain on medical practices and took weeks to recover from.
John M. Burke, MD
Hematologist and Medical Oncologist
Rocky Mountain Cancer Centers
Associate Chair
US Oncology Hematology Research Program
Aurora, CO
February 21, 2024, seemed like any other Wednesday, but during the day, word spread around the office that the software program athenaOne, which we use to schedule patients, was not working. This was not the first time that athenaOne had malfunctioned, but this time it went down and stayed down. Eventually, the explanation became clear: Change Healthcare, a subsidiary of Optum and owned by UnitedHealth Group, announced that its network had been the victim of a cyberattack.
The company’s technology also processes insurance claims, including billions of prescriptions annually. Clearly, a disruption to the Change Healthcare systems could be catastrophic to the entire US health care system.
A group known as either “ALPHV” or “BlackCat” orchestrated the cyberattack. BlackCat reportedly functions as a “ransomware-as-a-service” organization, meaning that its leadership develops ransomware, which affiliates of BlackCat deploy to attack a company. Any subsequent ransom payments are divided between the BlackCat leadership and the affiliates. UnitedHealth Group is believed to have paid a $22 million ransom to BlackCat, although the company has not confirmed this. In addition to paying the ransom, in April, UnitedHealth Group announced that the cyberattack had cost it $872 million, with the projected total cost for the year ranging between $1.35 billion and $1.6 billion.
Recently, a new hacker group called RansomHub said it had 4 terabytes of data from Change Healthcare and demanded another ransom payment. On April 16, 2024, RansomHub delivered on its threat and posted patient health and other confidential information, including contracts between Change Healthcare and its clients, on its dark website.
After about 6 weeks, our practice was able to return closer to business as usual, and the scheduling software is now functional. However, during the crisis, our staff had to create work-arounds to schedule patients and after systems were restored, we had to catch up on unbilled charges. The damage to physician practices may be extensive. A survey by the American Medical Association found that 80% of physicians reported lost revenue because of the event. I know my practice counts itself in that category, and we are still working to estimate the damage done.
Ilson Examines Chemoimmunotherapy Regimens for Metastatic Gastroesophageal Cancers
December 20th 2024During a Case-Based Roundtable® event, David H. Ilson, MD, PhD, discussed the outcomes of the CheckMate 649, CheckMate 648, and KEYNOTE-859 trials of chemoimmunotherapy regimens in patients with upper GI cancers.
Read More
Participants Discuss Frontline Immunotherapy Followed by ADC for Metastatic Cervical Cancer
December 19th 2024During a Case-Based Roundtable® event, Ramez N. Eskander, MD, and participants discussed first and second-line therapy decisions for a patient with PD-L1–positive cervical cancer in the frontline metastatic setting.
Read More
Oncologists Discuss a Second-Generation BTK for Relapsed/Refractory CLL
December 18th 2024During a Case-Based Roundtable® event, Daniel A. Ermann, MD, discussed evaluation and treatment for a patient with relapsed chronic lymphocytic leukemia after receiving venetoclax and obinutuzumab.
Read More
